General
-
Target
e39572afa3da1294a57f14a8fee8233c8170216220a6af1eabafbd656f451bf7
-
Size
4.2MB
-
Sample
230608-s9blhage99
-
MD5
4cc193e48d5c6880405ebd922d890ca0
-
SHA1
ad6e717d3e8f7508f46e053385f57ff3dfb316e2
-
SHA256
e39572afa3da1294a57f14a8fee8233c8170216220a6af1eabafbd656f451bf7
-
SHA512
ac34dbf32adb3c1cb4c4314c29e5d8d5f1b789f8e5d3c52cd9da0f15c5ad9b84943a19bad67d4caa464f93624edd503ac56a60a5e58d0883a7ea0c1a51ad9712
-
SSDEEP
98304:kD6BJq3x/k9BOyFc5DGITwYQhAAFeX50i+XvH1mMBgMW/K:5isB3chGrWAkX50iivVmbMkK
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-