General
Target: b11bd9bbf08d606e8e3572348444430580a6b9019ff583e4a59f2632be5251ff
Size: 4.2MB
Sample: 230608-teb48ahd3w
MD5: ae1673a2c7ad90cc525e560752cad925
SHA1: 44ab2dca444aa4bd13de68fe7954b31be21a5016
SHA256: b11bd9bbf08d606e8e3572348444430580a6b9019ff583e4a59f2632be5251ff
SHA512: ff514c1376083a641c9e8b91fbd4f4dd7adfff597205f116473e52f8c70bd2e0b8e65e718bdcb71753d957baa8abe5c61369cfd9d726db9c0d40eb265fa29506
SSDEEP: 98304:CDcEtUUijxIxK72LbKEdY4LtLHxmL1FX1kFiy/Et2gt:CgyUUil/7dEOG83k4iEtdt
Static task
static1
Malware Config
Targets
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops file in System32 directory