General
Target: 2f2b8bb69f83e34e15f509c704ca7c7c08485e617667829e2ee50ec3ad2421b3
Size: 4.0MB
Sample: 230220-vt4y8ade5z
MD5: d2e86c5e6302ddaae87014dfe99f6bbf
SHA1: 0838bc3c49316a24c94b27288a8ad3d9426bbdac
SHA256: 2f2b8bb69f83e34e15f509c704ca7c7c08485e617667829e2ee50ec3ad2421b3
SHA512: fa1e39532bb3007e9c8ec2f8f54779ba0c78edb585cf65a84d756519464352f69085bd2ee293217dd01dd61daf53a8174c7d3adb455f54e2e9f1b295c73725f5
SSDEEP: 98304:7TMGIdgeNduUIpLIICrCMuQSL9oIEirQN9xZ/:7TYGSotIJtuQw9oZir4/
Static task
static1
Malware Config
Targets
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.