General
-
Target
978160edcb632e2f90dfac9bc25692d782114ba8fc96b2ce1d6b6836f180d0b7
-
Size
4.0MB
-
Sample
230220-ytq9xaea8z
-
MD5
8238870f6daa14955f82e94b7bb1d4af
-
SHA1
ad7751b028688caf825734ed41c5fecfa35bbc92
-
SHA256
978160edcb632e2f90dfac9bc25692d782114ba8fc96b2ce1d6b6836f180d0b7
-
SHA512
6eb7b85da87a66f31fcc0489fb11fb4c6e1e60d0f6559269f2084d0140fca0af51daf0737db2db2004f06cb5b90e772379d72f27c1fb0ce2cf4c5e9dde586ba2
-
SSDEEP
98304:XiM/QgUZuS/H/9XMAqpyjYrPJPowySaVm1DCPeZyRXWxZ:XiZYA1X6g0rRPbtaV+DC5UZ
Static task
static1
Malware Config
Targets
-
-
Target
978160edcb632e2f90dfac9bc25692d782114ba8fc96b2ce1d6b6836f180d0b7
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-