General
-
Target
5e3b776bde5f3775b7e9f7e890758828bc06cedc1a4a13f9d1f4896cad4473ef
-
Size
4.2MB
-
Sample
230608-pvpm2aga8x
-
MD5
cfe419e7c7e6c14938cbabf8d5a56ad2
-
SHA1
4a31e70069c7ba6c00538b0a1d548a9a22ae038f
-
SHA256
5e3b776bde5f3775b7e9f7e890758828bc06cedc1a4a13f9d1f4896cad4473ef
-
SHA512
c94c02dd2bd4a53a606f0cfa811f89953e4e2f7da87b07f3e2b7e961358a2c19a4a2b280b0f56d08896678fc70ebe5374ccc34f00747d163bd7ea0368a69ec46
-
SSDEEP
98304:l4Oukmwozu5N1sjvc6C5HzAFpDV4v2Gff887WFFSEVpe1l6UqT5uNR:cxw0u5Xsj06C5HzAFtV4vjftWfSDTd4I
Static task
static1
Malware Config
Targets
-
Target
5e3b776bde5f3775b7e9f7e890758828bc06cedc1a4a13f9d1f4896cad4473ef
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-