General
-
Target
48614899bf9c0f6062dac46fdbd04e4ade4dbed9de554b14ac378630c8f3ea52
-
Size
4.1MB
-
Sample
230620-w549sseg7t
-
MD5
102606194a3df8042b596cf870d9c961
-
SHA1
f73c437eb89919e6a4bfa32be9462c3a5a5b7743
-
SHA256
48614899bf9c0f6062dac46fdbd04e4ade4dbed9de554b14ac378630c8f3ea52
-
SHA512
d692e03c1a740451f13b9298446713c6139bcd9371b2e79c81ea8ba5936b38bdcecd957668a5a6f376b09dcd819cb0b93b317ecb9c4ba392404a14ae46b7bc33
-
SSDEEP
98304:r5gvbkQzx+togQWJvOnwZoVSyEekafUQXA4N:r5gDk5HvfZfyEEjXF
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-