General
Target: 583fb588f03896b4685e6664eb293a095f85f208f3e3c01612266dc349a8dac6
Size: 4.0MB
Sample: 230221-f9w6zsdg66
MD5: ff6417557a0f91c21fc9b6ebe8fae7b8
SHA1: b5d8a649047be11bce1f7d5248713efb0120c0bc
SHA256: 583fb588f03896b4685e6664eb293a095f85f208f3e3c01612266dc349a8dac6
SHA512: f1d16baad18a2e6aaa3e3330b7e6ff0a5472e09c6b11ee34a80a141eabc8e7dc5e9566dbae83883d97836f820a31b7f6998493be5bb3b31c2e4dc5c0063c3b0a
SSDEEP: 98304:PX6VzPNrYPjUsmpLnNBadKuqW0H1oJ3LVUSXJeAjvUn6:PXQTSapLNBsKuwuJ3pPXkUn
Static task
static1
Malware Config
Targets
Target: 583fb588f03896b4685e6664eb293a095f85f208f3e3c01612266dc349a8dac6
Glupteba payload
Modifies Windows Firewall
Executes dropped EXE
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.