General
-
Target
d966ce5caba50f1d0404202cfec1b2180590376ee21f833546ce4ceca309d895
-
Size
4.2MB
-
Sample
230608-tpgsfshd9s
-
MD5
7269a1678bcd9b19944480d1a42d3af0
-
SHA1
33a7708f322815fdf30732dc45f3fc94afbfb43f
-
SHA256
d966ce5caba50f1d0404202cfec1b2180590376ee21f833546ce4ceca309d895
-
SHA512
eecefa1ed992b27a005cf5a86e8ed60289ca5ef09cb255b0eabcd4e031f9f1b345104740952f0c708fafdd0ea9e7f17ff79bda4f49042250d8421b4da3e0e7fd
-
SSDEEP
98304:Q/5S+b1Z/p6oQSInErfLJd2o/OVdeUy7NtwW:QBnTENnKJ0ZVk1BtwW
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-