General
-
Target
704db756df48de76769d64147bcb122557e0203d8610b105f52146f7d22abfa7
-
Size
4.2MB
-
Sample
230608-s2rmrage52
-
MD5
63f9a78a2bd5727d0663632f3ed5bd32
-
SHA1
9d210bd2320fb878221cd7c013f013a227211de3
-
SHA256
704db756df48de76769d64147bcb122557e0203d8610b105f52146f7d22abfa7
-
SHA512
2da1af496e7ab4cb62793740c38ab1d7a07f5c20741c825677c3ae5b48bbc642de5db9e179313011d07d1306c73601e40e6cf54889e726b3a79d1b7f1272977b
-
SSDEEP
98304:UD6BJq3x/k9BOyFc5DGITwYQhAAFeX50i+XvH1mMBgMW/r:JisB3chGrWAkX50iivVmbMkr
Static task
static1
Malware Config
Targets
-
-
Target
704db756df48de76769d64147bcb122557e0203d8610b105f52146f7d22abfa7
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-