General
Target: 7578539ad9ffcbfc4627377385064b433ac718e517729b2b1a179246a11df7e1
Size: 4.2MB
Sample: 230608-tpfv6agg27
MD5: 75fca6484c6f10562eb82e1c9dd2d131
SHA1: 5085834948a01937347c6b7dafe0d804c3ef6606
SHA256: 7578539ad9ffcbfc4627377385064b433ac718e517729b2b1a179246a11df7e1
SHA512: ea37af6b0c6e850d1f4306708a23ad6d68eb00612c358dc8d66bbdc893d29b5dfba1487c55aafd463113c5ffdae1cd9f0a278ac8b6c4d53946f0e06903f1f469
SSDEEP: 98304:g/5S+b1Z/p6oQSInErfLJd2o/OVdeUy7Ntwx:gBnTENnKJ0ZVk1Btwx
Static task
static1
Malware Config
Targets
Glupteba payload
Modifies Windows Firewall
Executes dropped EXE
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Drops file in System32 directory