General
-
Target
bbae2835a6edb162109cdc5289660235830170d249cde85aa895b26bd2c4a52e
-
Size
4.2MB
-
Sample
230608-jk74qsdf7y
-
MD5
8519154d0627fee913bb98ce61206930
-
SHA1
f3417f92a811d4cf302c03cabfbbbbe721bf15ad
-
SHA256
bbae2835a6edb162109cdc5289660235830170d249cde85aa895b26bd2c4a52e
-
SHA512
e0831f554740c2f0b6eb2064f0e544ebc172a4d9efc4918dd30bc8dc4987bcaa5d920ff1d9d1d21a4b7c3c1b9fc7003b3297a0154677b320d65201d8edbd8a96
-
SSDEEP
98304:E3JFIAKVAJkFR30tizXZEoLajtjwN5oQIWlzMLFQdb/ewi:qqAKWJIEszXOIaMkQIWyaG
Static task
static1
Malware Config
Targets
-
Target
bbae2835a6edb162109cdc5289660235830170d249cde85aa895b26bd2c4a52e
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-