General
-
Target
c2b7db646e27fa62cda93f6cd6ca4bdc9ab90a6ddd31936b6c789191be9240bc
-
Size
4.2MB
-
Sample
230608-k8psqsde76
-
MD5
69a25ad6937561fab58fffa64cb1f060
-
SHA1
896122cfa2990ede35e101f102e6bcc4af7209cb
-
SHA256
c2b7db646e27fa62cda93f6cd6ca4bdc9ab90a6ddd31936b6c789191be9240bc
-
SHA512
04bd972c8d1caa2daabdf9f95bbb684c4ccfb82d1b2db0951f47db327e8d9288ceb5cc3f530878aef1ffdd0e91619664b3077178b7184153f59173fe64d6b788
-
SSDEEP
98304:4665c4JG+W/h83fz+KjxdfuAXgrXpt7huI665dX5yd9S:4jc4JcKDjWj3hRW9S
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory