General
Target: f4e2b49a0392ff7e034f4c19273ac6b286b896252d4a5f610610e7585bac6aca
Size: 4.2MB
Sample: 230608-ljw17adf89
MD5: d659f4bd90fc4a0b08b64db6cd1b7860
SHA1: fd9e3233fa6a9518b7e363bbe46c456649746110
SHA256: f4e2b49a0392ff7e034f4c19273ac6b286b896252d4a5f610610e7585bac6aca
SHA512: 14a1aa311e355808b6dcbb5bcb6ba9647a318b07198e7195d8566a5fe6b49265b141923d15ea83d28f8fbc51de79f06a2e04bad44aa41ae664f13a9e066e33c7
SSDEEP: 98304:Q665c4JG+W/h83fz+KjxdfuAXgrXpt7huI665dX5yd95:Qjc4JcKDjWj3hRW95
Static task
static1
Malware Config
Targets
Glupteba payload
Modifies Windows Firewall
Executes dropped EXE
Adds Run key to start application
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
Drops file in System32 directory