General
Target: 2273ad3c5739e3c75de32a37f690ccce141a76524c20cd773e267b6b93731606
Size: 4.1MB
Sample: 230620-1qjrrsee72
MD5: 451af59f1dc7bf09eaad8c27aab0a8fe
SHA1: a1e5d215d9e45937697d72e14d33476c6af4705c
SHA256: 2273ad3c5739e3c75de32a37f690ccce141a76524c20cd773e267b6b93731606
SHA512: 39b70ffa5e0b56fc6b550d0d16d00aec809f366a5dc1027b418e3198ae86a950d07721ed749776f6b3d9ce5eeea3b24895bd58aee66daa2ba8a5b5176bf6d41d
SSDEEP: 98304:2RRu7JlHIqCfORsvc+0by6a+tN8vWZ2P1VDRDL5tTNz7W:2RQtlo9WJCqN8vgI11zC
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-