General
Target: 6f18b6b77d6a42f529be4bd6ab7e1d830c5cc6f751f8e10f67ad12971d75a657
Size: 4.2MB
Sample: 230608-jlsqfadb39
MD5: 64d0fad4547a05e4bec70f12754a79be
SHA1: 4baf6a2256595b56a71b92aec9e2c9a9637b2af5
SHA256: 6f18b6b77d6a42f529be4bd6ab7e1d830c5cc6f751f8e10f67ad12971d75a657
SHA512: a6e3dfd91ed2a540350d163f26642495a152403f28f4e3c9c45e47068fd5a9cbca50854a87c6c30c84d5f456a492c27aefd0e70e5393f50188633b5942b4dc4f
SSDEEP: 98304:E3JFIAKVAJkFR30tizXZEoLajtjwN5oQIWlzMLFQdb/ewpZ:qqAKWJIEszXOIaMkQIWyaj
Static task
static1
Malware Config
Targets
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops file in System32 directory