General
-
Target
e1a825a247a664884636ceb6dae4a8bddb86df2fb71ad542edb667f9c9e227d1
-
Size
4.1MB
-
Sample
230620-2tvh4sfh8w
-
MD5
de547e3c21fc48fb2703c82065501ac7
-
SHA1
f8ead93986ea8a86fd30e25ff0e1d773f278f6c8
-
SHA256
e1a825a247a664884636ceb6dae4a8bddb86df2fb71ad542edb667f9c9e227d1
-
SHA512
824ae54d866c9b30eaed99f50699e3a3679b487f2227678690463c66a9f9f6253cbf3042b7da3aa5aa3516be8d2f9f59c660734193e18f43e506404367905b12
-
SSDEEP
98304:uRRu7JlHIqCfORsvc+0by6a+tN8vWZ2P1VDRDL5tTNz7O:uRQtlo9WJCqN8vgI11zi
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-