General
-
Target
6e87719037a6279feb55f55efebf17589ac68e19964f59670bc82237051289ca
-
Size
4.1MB
-
Sample
230717-sdlftsde8y
-
MD5
961efacd1741eb68dd4d4cc51d27a73f
-
SHA1
8cd91644d43d7ffff36e2d9612eee5c02221f631
-
SHA256
6e87719037a6279feb55f55efebf17589ac68e19964f59670bc82237051289ca
-
SHA512
25c2c446c1170719ce53a6065c110bf0ab246e2c1afa104d7191256cf4fb4ef33cd19eee37c1265b747b633c1be6ed1a860375fdbc00b1a353eb3aca15aa6914
-
SSDEEP
49152:8CARxnQoh+SxUjblCCRlt/pBzA17SD0X4gowzBKPpxYPe85xJ5ZlAWPjm/lbuF2J:PmdhPxKBntfeuwJojpvyFsWK/OE
Static task
static1
Malware Config
Targets
-
-
Target
6e87719037a6279feb55f55efebf17589ac68e19964f59670bc82237051289ca
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-