General
Target: a0ac40467b28d8ccb300bc733992d134e64a28519d919715f37c3afc60e39cf2
Size: 4.2MB
Sample: 230608-tem7gshd3y
MD5: 62181323543247541d7b733296204028
SHA1: 33e4e453263eca26bf00c4ee1add619fbb9aa1d7
SHA256: a0ac40467b28d8ccb300bc733992d134e64a28519d919715f37c3afc60e39cf2
SHA512: 29bc924aa2c570be6824c3b9500a0f97d66891172da33fcd4debc0f9ba3aecd2727028d1eda38588142b06b974fc4436b33ce5a5dfc316c56662fb7880e75893
SSDEEP: 98304:KDcEtUUijxIxK72LbKEdY4LtLHxmL1FX1kFiy/Et2gS:KgyUUil/7dEOG83k4iEtdS
Static task
static1
Malware Config
Targets
Target: a0ac40467b28d8ccb300bc733992d134e64a28519d919715f37c3afc60e39cf2
Glupteba payload
Modifies Windows Firewall
Executes dropped EXE
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Drops file in System32 directory