General
-
Target
8c9eac1afdc09d38a88354b513496f5ae5a9a579f446c020c12988b39ba95648
-
Size
4.1MB
-
Sample
230620-1khyaaee45
-
MD5
7f6638a6d92964abac556675bb6b669d
-
SHA1
fee77059027409c7e69afb2346937de660e6b3d7
-
SHA256
8c9eac1afdc09d38a88354b513496f5ae5a9a579f446c020c12988b39ba95648
-
SHA512
26d9bd70c17f09420591f8151637dc1066f712ff2672aaf0e084df9963a33078cb5b8fbd07b74f0d8a6e5d1a5332a1ba43b006385763abec706c54d4db66776f
-
SSDEEP
98304:2RRu7JlHIqCfORsvc+0by6a+tN8vWZ2P1VDRDL5tTNz7a:2RQtlo9WJCqN8vgI11zW
Static task
static1
Malware Config
Targets
-
Target
8c9eac1afdc09d38a88354b513496f5ae5a9a579f446c020c12988b39ba95648
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-