General
-
Target
dbc98247a27ab996766f227ec67ba429f965c16ef14706d9f5474c8d85b8dc25
-
Size
4.2MB
-
Sample
230608-labnwseb3y
-
MD5
c43a4fd485948bc1b8200fa1b494e7fd
-
SHA1
f4ac90ae164f8db080e833142386bb558c34edbb
-
SHA256
dbc98247a27ab996766f227ec67ba429f965c16ef14706d9f5474c8d85b8dc25
-
SHA512
5c69cd23415ad1b6e27122704b72527cb52553c024b80b18a0a3fc9941f91b51daacd1d15c7fe98968b663a5a31f6f0e2f6b74c8d3a186b822cef8f41a133ed3
-
SSDEEP
98304:Q665c4JG+W/h83fz+KjxdfuAXgrXpt7huI665dX5yd9C:Qjc4JcKDjWj3hRW9C
Static task
static1
Malware Config
Targets
-
Target
dbc98247a27ab996766f227ec67ba429f965c16ef14706d9f5474c8d85b8dc25
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-