General
Target: 9d8e305e64525eca900f7bac0d2f1616e2b0f8da0e0136d0524b7676b11b754c
Size: 4.2MB
Sample: 230608-s5fdwsge67
MD5: 248d0641bfacce15ba0382067ca2bc7f
SHA1: 7acea0134da299a42b5922d79ee1cfcb71818caf
SHA256: 9d8e305e64525eca900f7bac0d2f1616e2b0f8da0e0136d0524b7676b11b754c
SHA512: 4db4b465fe19dc81c4774a22a4ec458e156cee25542e19360cd16d4e247ca6110ec4b1e9ba3bf36b564cff5f0e8d6aa2dc35c386e0b21aa923b814c5bf947513
SSDEEP: 98304:kD6BJq3x/k9BOyFc5DGITwYQhAAFeX50i+XvH1mMBgMW/g:5isB3chGrWAkX50iivVmbMkg
Static task
static1
Malware Config
Targets
Target: 9d8e305e64525eca900f7bac0d2f1616e2b0f8da0e0136d0524b7676b11b754c
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops file in System32 directory