General
-
Target
5d905f4558a71be2c00041b90cd8bbbc401065d20fca9de8b52ea97335bc6769
-
Size
4.2MB
-
Sample
230608-jx7zhadb64
-
MD5
8139e97e2f25439fdeb79ac05d3b27d6
-
SHA1
287ef7df6ce87fa6149002907d442bcfebcc1ea7
-
SHA256
5d905f4558a71be2c00041b90cd8bbbc401065d20fca9de8b52ea97335bc6769
-
SHA512
b68c1373f1e241a401dd3c3675fc4bceabcb7f3215a501cc83479bb9541952c0f8a037340594a796a62da54af99e893f9c2897c01be5561b80e74d294e2ee0e3
-
SSDEEP
98304:s3JFIAKVAJkFR30tizXZEoLajtjwN5oQIWlzMLFQdb/ewU:SqAKWJIEszXOIaMkQIWyaI
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-