General
-
Target
c9cb8c381d87970f04363680133964a49daaa38d953b80b4d360ab1a3f5dd91c
-
Size
4.0MB
-
Sample
230221-kq21caga7x
-
MD5
0dfb01736d000256b063f1b80dc8fd84
-
SHA1
a09719748c39c2d13013928912cec8960365f79a
-
SHA256
c9cb8c381d87970f04363680133964a49daaa38d953b80b4d360ab1a3f5dd91c
-
SHA512
b0d7de48be7cd54bc2986cdf3a03a84d8c00537a0975424cd1df8c52e5775acc456a676b52d18088e9920e33d12d722a5dce0753aa6b3947a80eed0dc8ff4d5e
-
SSDEEP
98304:oOcl/6p/hXvawWDPCW6slvHtwGl4mbc7kkQ8o6l27FqZCt7h3cK:glyhhXyw2PMIvtZ4vBQ2iqZCUK
Static task
static1
Malware Config
Targets
-
Target
c9cb8c381d87970f04363680133964a49daaa38d953b80b4d360ab1a3f5dd91c
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-