General
-
Target
bfc35b7ff41298e9016946832ec4c66a6331ef15f6ab84bec68c34ddb568e51e
-
Size
4.2MB
-
Sample
230608-rakvfsfh32
-
MD5
a57e43baa488677a58011c927924f5de
-
SHA1
e447314035200cb51020b1d69e8186ec3cefea1d
-
SHA256
bfc35b7ff41298e9016946832ec4c66a6331ef15f6ab84bec68c34ddb568e51e
-
SHA512
15a579e3715522a1d2cacad308b0b989b88db03c3b172995a4528ef07aa0b25a78145b442f874078d2db71877df4e952ae42b70b554a7f2fa43664e5a5afddf7
-
SSDEEP
98304:L2u/qwDd6KqJAT06/j/ZUiDsee1EdwFYJ1Rq2Lp:H/qwDjrTv1Rsee19ORl1
Static task
static1
Malware Config
Targets
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-