General
-
Target
7db77a1a5e4ba41c7a7703b75c929b64f69729c35158ec48e858d5dcc4fb3cd8
-
Size
4.1MB
-
Sample
230620-11n48sfg7x
-
MD5
353585b04e56cd28eef408898e4f111f
-
SHA1
6609299a15c53072d9b0a830d64678bb0d6b0045
-
SHA256
7db77a1a5e4ba41c7a7703b75c929b64f69729c35158ec48e858d5dcc4fb3cd8
-
SHA512
30646a0e466574122553b7edb35b0759ea9533a98dff76f4688453084e93a1e33b374b812ee4e20084b2938d372f3c8efdf5b6809b3e7a796af2231b89194425
-
SSDEEP
98304:GRRu7JlHIqCfORsvc+0by6a+tN8vWZ2P1VDRDL5tTNz7i:GRQtlo9WJCqN8vgI11zW
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-