General
-
Target
4862e85100991f791f392f62663746ded6561e853a7a0d65d91e86678c6bf10a
-
Size
4.2MB
-
Sample
230608-s777page88
-
MD5
2e73e522d430249df47682c54992e35b
-
SHA1
ea15fa1fd8a425dd392b996a40e199b9323bbde2
-
SHA256
4862e85100991f791f392f62663746ded6561e853a7a0d65d91e86678c6bf10a
-
SHA512
47eb89b2a0c5d1f6ff6f7624be25ab048a603e4303293da788834705eca81dab4798c10fbc2e65d252d99eaf08df750deaadd6832a9af374ae0bcf80f808f91f
-
SSDEEP
98304:kD6BJq3x/k9BOyFc5DGITwYQhAAFeX50i+XvH1mMBgMW/E:5isB3chGrWAkX50iivVmbMkE
Static task
static1
Malware Config
Targets
-
-
Target
4862e85100991f791f392f62663746ded6561e853a7a0d65d91e86678c6bf10a
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-