General
-
Target
5d9db9197a937becdb520bf7b7c26f261c7499d2a6f06427199f994a948238fd
-
Size
4.2MB
-
Sample
230608-rabxjsfh27
-
MD5
9cf6add8c91ff71a2772720cec36f247
-
SHA1
35353f4360a32e0f0c67368e4de67c9cea8a2c73
-
SHA256
5d9db9197a937becdb520bf7b7c26f261c7499d2a6f06427199f994a948238fd
-
SHA512
ea729070cbfd15b1e2b2c52b404c71a3a63bec31f07a27c882d1c574e2f6527a0e4700bce861f69ae6d929436390ded4bdd11d1ec4fe330dd797042a09e5adb1
-
SSDEEP
98304:L2u/qwDd6KqJAT06/j/ZUiDsee1EdwFYJ1Rq2LU:H/qwDjrTv1Rsee19ORlA
Static task
static1
Malware Config
Targets
-
-
Target
5d9db9197a937becdb520bf7b7c26f261c7499d2a6f06427199f994a948238fd
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-