General
-
Target
862eedbec6b8d1b16acfe54e285e562a597e092f6d80c81c0aa07757ef27542e
-
Size
4.2MB
-
Sample
230608-tkn1zagf89
-
MD5
396d12e887d6ec5612f19c1cd700b4ae
-
SHA1
07e8f0b1513c0384846d88d555c2a011e43332bf
-
SHA256
862eedbec6b8d1b16acfe54e285e562a597e092f6d80c81c0aa07757ef27542e
-
SHA512
844697b4e69a920147f2ecf7a8f099d627ce5164d82ab50831b5059bd30dfce6f9340f0b663d6f3c718bdc6894d2afdfe3e34a3a798f7762cbe0b37a9263822d
-
SSDEEP
98304:g/5S+b1Z/p6oQSInErfLJd2o/OVdeUy7Ntwr:gBnTENnKJ0ZVk1Btwr
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-