General
-
Target
4dd9e2f6a804fa4c133a69f7f0ba7151922f3beeb4bdc4dcb4619bde1a26b531
-
Size
4.0MB
-
Sample
230221-md7feagc7y
-
MD5
0504570adb3d3edf1af46148cb70b592
-
SHA1
574a8c26ef0815798c4759d8e7cf238c6315e0f9
-
SHA256
4dd9e2f6a804fa4c133a69f7f0ba7151922f3beeb4bdc4dcb4619bde1a26b531
-
SHA512
1088907b4472d1932a93ae4cecdd643a0d6ebbdcf62bbad7a201e9dceba617205e41f24755483408b4ee018275c02d243fe3d75175ce17de6529cd1939cd34d8
-
SSDEEP
98304:bZSAU52/ToHhsGVOMurwtgMX3tPcGTtpR:bZgM/TizHrNtpR
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-