General
-
Target
556f5c029e032e34eb31fc827e95d3b84134791d3926fc29ee67c6e8436ee864
-
Size
4MB
-
Sample
230608-rb8mxafh45
-
MD5
0ca2830e9dbf4cbba0ff103a59fca259
-
SHA1
8902c670f74cd856e59479787204194594d4b8b8
-
SHA256
556f5c029e032e34eb31fc827e95d3b84134791d3926fc29ee67c6e8436ee864
-
SHA512
46b927f466bcf61210e72f1a35c4a283aa2c7c89ded43df221cd2a299f2baf58b0f5800f0a32536e6133a2ac45dd0ec32e3239ca489889f86b9a29dbe74fb28e
-
SSDEEP
98304:72u/qwDd6KqJAT06/j/ZUiDsee1EdwFYJ1Rq2LK:3/qwDjrTv1Rsee19ORl+
Static task
static1
Malware Config
Targets
-
-
Target
556f5c029e032e34eb31fc827e95d3b84134791d3926fc29ee67c6e8436ee864
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-