General
Target: ee9d80b969d5cace92256a6fd0310160bb0c7933cbd0779559c0cb1cfba85ee1
Size: 4.1MB
Sample: 230325-2d5ddagf5z
MD5: 2968f9135feb61ca93211ef031c24552
SHA1: 8005744262f756645a4095150c6c6bf98a907593
SHA256: ee9d80b969d5cace92256a6fd0310160bb0c7933cbd0779559c0cb1cfba85ee1
SHA512: 9b10f683e9cb088e5eda9ac68db330db5828c8a67dae7b1e8f8b7161cccdbff9a3cf3a113a0c075335d9f4be695053c900cd30b22660ff1c4677a2e58a5255c3
SSDEEP: 98304:tPj+LIsgp57UjynWiqJRcTpmJQWxujNhSZRaDxnw:ALYJU2UqAJQWxujSCxnw
Static task: static1
Malware Config
Targets
Target: ee9d80b969d5cace92256a6fd0310160bb0c7933cbd0779559c0cb1cfba85ee1
Glupteba payload
Modifies Windows Firewall
Executes dropped EXE
Adds Run key to start application
Checks installed software on the system
    Looks up Uninstall key entries in the registry to enumerate software on the system.