General
-
Target
2f9f480a60b6d163730f9c7042f66e2420673380ff1820ed2107c9db8e9f47e5
-
Size
4.1MB
-
Sample
230325-v551nafg7s
-
MD5
9f006e9f3bf1f6b32dcb4a971bc3b38a
-
SHA1
ed4b85a4bce28b111ad1b7646b4ebf629397134f
-
SHA256
2f9f480a60b6d163730f9c7042f66e2420673380ff1820ed2107c9db8e9f47e5
-
SHA512
88e453f46e0a388902565534834d431e625980eea3825949354c0cb51252d6d9c295458bff8fe02351a399d20e73261f91f9111ba7050d2eae2ca2d52f88f70c
-
SSDEEP
49152:FKkIMxnuypBavOAiJ3mY9kICEwg6HRoKJsCHrTt0mc+fdW9q9mpwjxou+8OBkqi4:4zM5uyav0VmY9MsKc+fckmmjxouXOP
Static task
static1
Malware Config
Targets
-
-
Target
2f9f480a60b6d163730f9c7042f66e2420673380ff1820ed2107c9db8e9f47e5
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-