General
-
Target
137785caf93678d7c18fa42c6e25e07c505e3c8824b9d9f75d17af9caf018da7
-
Size
4.2MB
-
Sample
230608-tgq16ahd5t
-
MD5
6bc084da7c1842689cec2c4623066dc0
-
SHA1
0b9cb6db6a2d3dabe1b34d50e50f9670553735f7
-
SHA256
137785caf93678d7c18fa42c6e25e07c505e3c8824b9d9f75d17af9caf018da7
-
SHA512
ee8c11291242a08d29ee9a4e1d2d220cf034108f6d6f459d3c52ec7febdf309efc563ee41f20f1137a2d94890fb06c027dbad17f0f3b825b0f61e624beb1d407
-
SSDEEP
98304:o/5S+b1Z/p6oQSInErfLJd2o/OVdeUy7NtwZ:oBnTENnKJ0ZVk1BtwZ
Static task
static1
Malware Config
Targets
-
-
Target
137785caf93678d7c18fa42c6e25e07c505e3c8824b9d9f75d17af9caf018da7
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-