General
Target: 560b26d7795f306ab3ff274c3606281b54f914e04e793e237ec5ee94b187bb9c
Size: 4.1MB
Sample: 230326-knvs9aga25
MD5: 33a082c1174c33e6964624a8fa140b9e
SHA1: 55e85a106f3e8bf61a5ef06d4a2b2c9dc8322598
SHA256: 560b26d7795f306ab3ff274c3606281b54f914e04e793e237ec5ee94b187bb9c
SHA512: 1770b15cf132dd6eaa5d67b3dc2873b80b7e4fab7d37ae689b1aa8ab61ab0bd894f695e85277d9c7ca55ec15a41df0a4b98af384db39d208c1a760bd649faeac
SSDEEP: 98304:UJGuGQT8aMKjrMfGWIAr7VsBzN6ZWmHsuD6pLGepgKS:UwuGQQaLAhNw5296lGUgP
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-