General
- Target: ab8c4714bdb456ef4885ce1dcfcffaa8aeee0ab5669f5cbb43922b60f5a670b6
- Size: 4.2MB
- Sample: 230608-jpvn7sdf81
- MD5: dd47f77d085b703c91eda8a3ab29b867
- SHA1: c0c01dc134205594d83e3bdf10f8a129c148bb61
- SHA256: ab8c4714bdb456ef4885ce1dcfcffaa8aeee0ab5669f5cbb43922b60f5a670b6
- SHA512: c72feaef499413104fd9d62aaeb59dba5ccddf7fed9150624b00f77e14983f99891c70044b7d4bc1355927a1643df3e7c51157f13e1d36077f1a021a06b70065
- SSDEEP: 98304:U3JFIAKVAJkFR30tizXZEoLajtjwN5oQIWlzMLFQdb/ew0:6qAKWJIEszXOIaMkQIWyaA
Static task
static1
Malware Config
Targets
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops file in System32 directory