General
-
Target
7daa9e41eb0b0ef541d639dd6d070fa5acda5f8a02692a4c86623dcd853b0793
-
Size
4.2MB
-
Sample
230608-teqbvagf65
-
MD5
9639402dc6a4d0118058bfc5659e5c30
-
SHA1
aec0f1f929650c39a932f5982ac569e2f36b28bd
-
SHA256
7daa9e41eb0b0ef541d639dd6d070fa5acda5f8a02692a4c86623dcd853b0793
-
SHA512
00fdf2b2f4eea6286c69d4a4c254c858fdc68594c89098ac2a740aa4db4522709eeea34fe087a2dc8d5e3847859142ed77f46535174c7bab7cc82e92bb88be9b
-
SSDEEP
98304:CDcEtUUijxIxK72LbKEdY4LtLHxmL1FX1kFiy/Et2ge:CgyUUil/7dEOG83k4iEtde
Static task
static1
Malware Config
Targets
-
Target
7daa9e41eb0b0ef541d639dd6d070fa5acda5f8a02692a4c86623dcd853b0793
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-