General
-
Target
314f5d3cbe7333583a3eba19a4084786df583471dae07d78e4ae832dc146265c
-
Size
4.0MB
-
Sample
230221-qg59aseh35
-
MD5
3fdb8f401737b2fbbadf746372a8b02e
-
SHA1
6ed2d777f7ec0c8c3c6f2a4a9a87043da076639a
-
SHA256
314f5d3cbe7333583a3eba19a4084786df583471dae07d78e4ae832dc146265c
-
SHA512
09e975bf57a100db2c5e1f423338a7fee04a51208f20dc8481bf273a4bb4e18c8f29821b893bd4dae5c8a5d33bb0bd6053b39e9cbc68447403622a7d4cbdb8d4
-
SSDEEP
98304:Wm8CHjWaEcjRJvKu0c/46HDQ3AxwdI/SXYD0:WuHqcVJCc/t1xG
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-