General
Target: b607a9d381c4f7d7a47557ffbaf6ab9ccd2a19a7e8cec050899f38be4491aee3
Size: 4.2MB
Sample: 230608-s2vz6sge53
MD5: 29bdd5446f257be2b06326c47180b72d
SHA1: 17a1db7a44a608480fe01a7f9bfa4e17fd4060d6
SHA256: b607a9d381c4f7d7a47557ffbaf6ab9ccd2a19a7e8cec050899f38be4491aee3
SHA512: 19ee162ee6ae12a3535134d6681bf4731c4abe1ea0f1de281aebbbf787866de3ff6e0503fa41e9a5443f5ab9d621988c1ad70178408ad249767b9dfe0d8abb74
SSDEEP: 98304:kD6BJq3x/k9BOyFc5DGITwYQhAAFeX50i+XvH1mMBgMW/y:5isB3chGrWAkX50iivVmbMky
Static task
static1
Malware Config
Targets
Target: b607a9d381c4f7d7a47557ffbaf6ab9ccd2a19a7e8cec050899f38be4491aee3
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops file in System32 directory