General
Target: 38c810d283b9604e61eaa851934aa0d922361e37bcd0915e3edfc54b935a6511
Size: 4.1MB
Sample: 230325-2b33jagf5x
MD5: 35598ec1e8862d17f7cdd6739c46b618
SHA1: 41ffbc74b0d8cd51ca5c8ecc3af7d706d902f7e3
SHA256: 38c810d283b9604e61eaa851934aa0d922361e37bcd0915e3edfc54b935a6511
SHA512: e5cadff38a9412280cae56f42549feafefd4fffe7d0cac779713ded41ffd47598694865c0f50268a444ee4e5b48df20d2b07c5fa83bd2768d238d0f4081d2093
SSDEEP: 98304:tPj+LIsgp57UjynWiqJRcTpmJQWxujNhSZRaDxnP:ALYJU2UqAJQWxujSCxnP
Static task: static1
Malware Config
Targets
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.