General
Target: 5cb6f7b7298265928cad3274b0f0a9ded0b9c99a09db742ec40617742c665fb0
Size: 4.2MB
Sample: 230608-jlrhdadb38
MD5: 620b5a67294f5473fb003c3da5c05097
SHA1: 333c8208ddf80918578fbd0e8292462e293658fe
SHA256: 5cb6f7b7298265928cad3274b0f0a9ded0b9c99a09db742ec40617742c665fb0
SHA512: d14590ec1b9ee413935b040c72d00e9bd2c78159e1921c9152f0bf84257faf9ea4dfc45407e2f0bffaefe7bd24c3ab5789c42210cca60e758ea2f2d4b049233a
SSDEEP: 98304:U3JFIAKVAJkFR30tizXZEoLajtjwN5oQIWlzMLFQdb/ewO:6qAKWJIEszXOIaMkQIWyay
Static task
static1
Malware Config
Targets
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops file in System32 directory