General
Target: 6ced1dc3a8171332006da8976aba5fb4052f450a02f67de243fac2361a009b97
Size: 4.2MB
Sample: 230608-p28pgsgb5y
MD5: 147308c25da30689734d6ae427671a0e
SHA1: 74787f98f301a726c0c407d91dc72c7215d6946a
SHA256: 6ced1dc3a8171332006da8976aba5fb4052f450a02f67de243fac2361a009b97
SHA512: 7c08733f754b3c5e3ff86f9dbaec89edea06aa4e2b69295fd83ee372ff38079318ad39ff12fff73a278f5acbedde8f19710c7148b349101fb49ba80158c317dc
SSDEEP: 98304:N4Oukmwozu5N1sjvc6C5HzAFpDV4v2Gff887WFFSEVpe1l6UqT5uNjp:0xw0u5Xsj06C5HzAFtV4vjftWfSDTd4k
Static task
static1
Malware Config
Targets
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops file in System32 directory