General
-
Target
5046f97fc3092ae034997545b462784b4adc94b41f02fab2d54004020f62c71e
-
Size
4.0MB
-
Sample
230221-ahcqdada99
-
MD5
4f58abba92b38d04d5065761d8b917a2
-
SHA1
6fb3474ff736d265d749623e727968bcb3a579d4
-
SHA256
5046f97fc3092ae034997545b462784b4adc94b41f02fab2d54004020f62c71e
-
SHA512
e3cef60557d5057d43ff9b35a1898f6d847e2ffe4433234bfe664e60fa98613774a4485610ae1f804662cfcb4fd7dc2b5b0c22703e504671b919ce27b67161d5
-
SSDEEP
49152:JwLeW63sqJsyS6O/jaqlKT6YKEn42BFFaCmkBBf2ieCRgzjhCGNY6OuKr0V9eaZX:auCM6x72BugzRgv2rP6eQJQ4x2RmF1B
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-