General
Target: 2f29cca5e05d2c52571a2ac82276e7bdbcdbee2b2bd794815df0ed7fa2e28ffe
Size: 4.2MB
Sample: 230608-rht34afh89
MD5: bb313a0140c3fc0871b7d74d32d5a70f
SHA1: 5a1e0f35eaa3071b01fd70922e383c6cbf1e01c8
SHA256: 2f29cca5e05d2c52571a2ac82276e7bdbcdbee2b2bd794815df0ed7fa2e28ffe
SHA512: f578d01edad6470ab1cb7ec4f0e5ba70c9baf8dfa0c9362c95088aeaee9476f49b05c020512c538fc36719185be4442c84a1cd35620084af31025faca561a6aa
SSDEEP: 98304:72u/qwDd6KqJAT06/j/ZUiDsee1EdwFYJ1Rq2Lf:3/qwDjrTv1Rsee19ORlz
Static task
static1
Malware Config
Targets
Target: 2f29cca5e05d2c52571a2ac82276e7bdbcdbee2b2bd794815df0ed7fa2e28ffe
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops file in System32 directory