General
-
Target
e56d896fb047af5c9e7ed3c18b7e4d71341a918eb0441faa82214be9520c6c2b
-
Size
4.0MB
-
Sample
230220-vlmpzade4w
-
MD5
97b814719edd1ffc431ed0d43f6e3e1e
-
SHA1
61bde4a72187c2800f79d900924be519f5aa5059
-
SHA256
e56d896fb047af5c9e7ed3c18b7e4d71341a918eb0441faa82214be9520c6c2b
-
SHA512
c6701b486de46c1309f9fbbb8ee4c779c5ab1bf1de1a1118a1eae95fc1a0a8b1382acd76c57896fc8b8ded81bd11e470ca5ba3420638c3a3ccf21ab551b73d92
-
SSDEEP
98304:7TMGIdgeNduUIpLIICrCMuQSL9oIEirQN9xZC:7TYGSotIJtuQw9oZir4C
Static task
static1
Malware Config
Targets
-
-
Target
e56d896fb047af5c9e7ed3c18b7e4d71341a918eb0441faa82214be9520c6c2b
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2
-