General
-
Target
39f27c9ed9d41a6c98c445d92d5ea745ffb90c3f75e90905cd5c59d4db695529
-
Size
4.2MB
-
Sample
230608-p95ykagc2x
-
MD5
a69bd1b10c4ba0c4b136c9992e362eca
-
SHA1
f527e08c9eda06181322aea1c5ff5874f6176729
-
SHA256
39f27c9ed9d41a6c98c445d92d5ea745ffb90c3f75e90905cd5c59d4db695529
-
SHA512
c04125f3122df35fc2a80a0edc13974a06566ca8e47e1f624a89736efe57af12b8f364bd7c9f7866145de7832892fde88d4eaf0ad7ea805b785d7690e4708c1c
-
SSDEEP
98304:14Oukmwozu5N1sjvc6C5HzAFpDV4v2Gff887WFFSEVpe1l6UqT5uNa:Mxw0u5Xsj06C5HzAFtV4vjftWfSDTd4T
Static task
static1
Malware Config
Targets
-
Target
39f27c9ed9d41a6c98c445d92d5ea745ffb90c3f75e90905cd5c59d4db695529
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-