General
Target: 8a7d14337e9095df18da098b09f5d2b72dd581c137078e7567d56e1d7e63b3e0
Size: 4.2MB
Sample: 230608-s7zkjshc6w
MD5: 3bd587eaa2aa1843570c54839601ba6f
SHA1: 8eca41cd33e65af9143d7bf0ee882f35d2d5a10d
SHA256: 8a7d14337e9095df18da098b09f5d2b72dd581c137078e7567d56e1d7e63b3e0
SHA512: 345d66fb36caf3d490967c164eff3e00597dd716bd30c7ee6828a11b477533641813c9ad6825caed172cf941ff7b8e00c596156466135b2d26e6901aae4ef303
SSDEEP: 98304:kD6BJq3x/k9BOyFc5DGITwYQhAAFeX50i+XvH1mMBgMW/O:5isB3chGrWAkX50iivVmbMkO
Static task
static1
Malware Config
Targets
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops file in System32 directory