General
-
Target
d2c65618bd092b0791425ea08bdb2b934da96e0fa867087a961ee5d80b793933
-
Size
4.2MB
-
Sample
230608-sfs9fsha5s
-
MD5
90529870306b50a386cd0ce7ddfc3137
-
SHA1
32689df06c3eff659667b7e5c6224b38a1dc6a2b
-
SHA256
d2c65618bd092b0791425ea08bdb2b934da96e0fa867087a961ee5d80b793933
-
SHA512
73e6d88ed4828227daf00a7954d7bdaae7eb72b4aa091584305f9b6604d19a18db4e38282d136fc0c622c9eac88b49849f2a1aaabbb714bbd7fe9172e0326415
-
SSDEEP
98304:L2u/qwDd6KqJAT06/j/ZUiDsee1EdwFYJ1Rq2LL:H/qwDjrTv1Rsee19ORlP
Static task
static1
Malware Config
Targets
-
-
Target
d2c65618bd092b0791425ea08bdb2b934da96e0fa867087a961ee5d80b793933
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-