General
-
Target
02455894044be401056a8013cfd6a3f4f4edd63f3904ff49583a4551ab8d5052
-
Size
4.2MB
-
Sample
230608-s3bmxshc31
-
MD5
cb015ab41eaceb08405e006a10d567cc
-
SHA1
e1375afc5cb28d53219ba78940e77875eff79681
-
SHA256
02455894044be401056a8013cfd6a3f4f4edd63f3904ff49583a4551ab8d5052
-
SHA512
dd4c0ebdc5342678aad5b727c781d61dfa32d26fbf9c8e25e6d5046449418ea000eb0759c40998e032d46b23cb56c1073b17cdbaf45d52fc77c715646bd3af7e
-
SSDEEP
98304:cD6BJq3x/k9BOyFc5DGITwYQhAAFeX50i+XvH1mMBgMW/8:RisB3chGrWAkX50iivVmbMk8
Static task
static1
Malware Config
Targets
-
-
Target
02455894044be401056a8013cfd6a3f4f4edd63f3904ff49583a4551ab8d5052
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-