General
-
Target
0df86c0e93a2d492bc735b0be4c1f6958b4ece29f6e0f61b028a2bea7c8bdc45
-
Size
4.0MB
-
Sample
230221-vg83eafe75
-
MD5
4ead0a8fb8e948efddf25928414eff8b
-
SHA1
cb84b7b112fc91b9164692d1276a19053e4670fb
-
SHA256
0df86c0e93a2d492bc735b0be4c1f6958b4ece29f6e0f61b028a2bea7c8bdc45
-
SHA512
b76aaca5c00334e052c51010b8258f97fce1826f182594b948d20d8333c20a63b07e8ad644367413c009492434f3beedaa156ac01be02a10f63980d054fa3f1c
-
SSDEEP
98304:krwFQ7rbj38ljcSEC+VwnOxOrpk6M4EdwV:krwFQ3GcSAVgOxkOSV
Static task
static1
Malware Config
Targets
-
Target
0df86c0e93a2d492bc735b0be4c1f6958b4ece29f6e0f61b028a2bea7c8bdc45
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-