General
Target: 5d63371f46362142505c2a3b83b02008b352342be25b1d6b9b76704d909b276a
Size: 4.1MB
Sample: 230620-1zbshsee93
MD5: 0e7cee56e6243fd440b44e031df491b8
SHA1: d83e5c7fb81139e21dfcced6967189b62a181b53
SHA256: 5d63371f46362142505c2a3b83b02008b352342be25b1d6b9b76704d909b276a
SHA512: 880947a5c760cf04969f0edc79b7b723b44dd5be99ed2c73579f23e092ece92fb5d639ad35ff644c4db943bd1a51c92dba0ac76370f980ea981be87e7ecb4111
SSDEEP: 98304:+RRu7JlHIqCfORsvc+0by6a+tN8vWZ2P1VDRDL5tTNz7B:+RQtlo9WJCqN8vgI11zl
Static task
static1
Malware Config
Targets
Glupteba payload
Modifies Windows Firewall
Executes dropped EXE
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Drops file in System32 directory