General
-
Target
45fce30f4ecb9fe91f6d99fc0336a7d7a4225bdab988ac3796439e83959c75e3
-
Size
4.2MB
-
Sample
230608-ftcseach8s
-
MD5
b56f5bc688a2b7bae091343583b0dfa5
-
SHA1
270c5c5601d0ad8b5065d657eabd2e765f31fc0e
-
SHA256
45fce30f4ecb9fe91f6d99fc0336a7d7a4225bdab988ac3796439e83959c75e3
-
SHA512
928e43924409e30b67bcb212b42a44ae4162cb5894a261301025f72e4b0859fbaa8f3d3bd3ca8e7f7d6a5f1110b6be97112ea54341c32bb3338bae6e015bc4d1
-
SSDEEP
98304:UL9MLJ4yT5nBpJLCTRLHuTMeBrhT8sCKfL71koat:A9SJ4yTnCtCAbspfvRat
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-