General
Target: 8dc81b301743c69a167d3825ae57a31f6f72b4a11825590c6c6380bb241eff4c
Size: 4.1MB
Sample: 230615-zb71dabb92
MD5: e407f5e337447a0e30ae689ec541e5a2
SHA1: 0c924dc045bf990eec11c890b7b5dc2a63ada21b
SHA256: 8dc81b301743c69a167d3825ae57a31f6f72b4a11825590c6c6380bb241eff4c
SHA512: 5907fdd6134bc92baecb8e959d8e8eadc91e2be0140e7c983facebc0b9d71e82cc80b905f8bdf0ec64a05e05b525942cb1e3a8d1b4d440716a7cfef291e77d9b
SSDEEP: 98304:r5gvbkQzx+togQWJvOnwZoVSyEekafUQXA4D:r5gDk5HvfZfyEEjXb
Static task
static1
Malware Config
Targets
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-