General
-
Target
223fdcb7b2addedab9da616b3abc6b107e8a9f6a53221cbc2e4643d19f726564
-
Size
4.1MB
-
Sample
230325-lgzz3aca87
-
MD5
3c3e5e054d80fe6a93805f951aad3197
-
SHA1
b04691e1925d6f303a794fa0b9f2e96283084613
-
SHA256
223fdcb7b2addedab9da616b3abc6b107e8a9f6a53221cbc2e4643d19f726564
-
SHA512
f6ff2affa2c51a576c9a8b1db6826c6977cd67718f0c91d4968e2d381ab8e2e71a9d3083c57c9f915e0bea28eef9b288476102169bf333a94735caf01a46242e
-
SSDEEP
98304:evej2jzuLTCK6bGHQe8qXT4IB6EaKjsS0McNup3lXC81Vy5sDCDB:IjzuijuXTAZKn0JNgX91VyeDCDB
Static task
static1
Malware Config
Targets
-
-
Target
223fdcb7b2addedab9da616b3abc6b107e8a9f6a53221cbc2e4643d19f726564
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-