General
-
Target
0af3da5cfe9ff8a5f689c1f68a93640337fc4ede3c683608af0c70a3f5abb7bb
-
Size
4.2MB
-
Sample
230608-lxjysadh36
-
MD5
553a5010919650bb49f7fae9ff90dfff
-
SHA1
e47d107f437d50b6f20e2f2d82c53b3157cf9885
-
SHA256
0af3da5cfe9ff8a5f689c1f68a93640337fc4ede3c683608af0c70a3f5abb7bb
-
SHA512
3fadec9ddd48e000db89674d41fa17c8522ba16fa6d44aab7863f2a45c581229323f01ac2015ba96e27f523c081a2bd699e524ef09cbbfa79f67986e3689629e
-
SSDEEP
98304:3g/fHGwoT4fFLmj0g2m02naWzP2+PqzRP4VQn5X3QlY9N+h6ak9F:aPP/tLpge2aWzP2AcaWnZKk9F
Static task
static1
Malware Config
Targets
-
Target
0af3da5cfe9ff8a5f689c1f68a93640337fc4ede3c683608af0c70a3f5abb7bb
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-