General
Target: 1c34ad90c8f60e2c91ff9386c410a2369bd53e33e4a4a513beedbfc90d0f69a5
Size: 4.2MB
Sample: 230608-tdbr3agf48
MD5: 1bbec4b18a2a79e2e3db0e458ae9b3ce
SHA1: b9ddbb413e12b0fe09b9db7cc1a65ae72ea1d20c
SHA256: 1c34ad90c8f60e2c91ff9386c410a2369bd53e33e4a4a513beedbfc90d0f69a5
SHA512: 10642aa8dceb8d2d3515fc01dba7670366949b816de0883e58a06b36d9018840cdb9187b24eae573475a5148767055935f6585f0f59450ba2e429b42cee142df
SSDEEP: 98304:aDcEtUUijxIxK72LbKEdY4LtLHxmL1FX1kFiy/Et2gn:agyUUil/7dEOG83k4iEtdn
Static task
static1
Malware Config
Targets
Glupteba payload
Modifies Windows Firewall
Executes dropped EXE
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Drops file in System32 directory