General
Target: 5651db912c4ed6753de747f923098ef5cf885b824eef0b9185325bc669e53a37
Size: 4.2MB
Sample: 230608-rg93xsgf6x
MD5: 89a204603f032d228d7d1cb410c6d3bf
SHA1: 530a2824ad2f04d66f49da60eab023f2d95b5430
SHA256: 5651db912c4ed6753de747f923098ef5cf885b824eef0b9185325bc669e53a37
SHA512: d56626e253344b63c9308bc03c2fa3a4ec985c3258d2e1aeb36d5f65d6c27c4961ebfef0d2b4e906876557a323ee1ac280892550db78c6750cb8df533d9c76fd
SSDEEP: 98304:j2u/qwDd6KqJAT06/j/ZUiDsee1EdwFYJ1Rq2LD:f/qwDjrTv1Rsee19ORlf
Static task
static1
Malware Config
Targets
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-