General
Target: 6e54978ecba3dbbac3da616d7eeb1b72ab9c409ade12a032c22da9bc542367da
Size: 4.1MB
Sample: 230326-kvtvjahh7s
MD5: ae579abfade3040acbfc0de8ae578782
SHA1: 37c242e359f5df9b380438f64a97a08bcf5904dc
SHA256: 6e54978ecba3dbbac3da616d7eeb1b72ab9c409ade12a032c22da9bc542367da
SHA512: 2d234b42db9e656bf68132a7ce1f31c6fa899a4d9b33043891bd4307e56afa8762aa984bccf5c88e0aeb8849079346432cea96a95e67a13f6c4f7eb069ec454f
SSDEEP: 98304:UJGuGQT8aMKjrMfGWIAr7VsBzN6ZWmHsuD6pLGepgKf:UwuGQQaLAhNw5296lGUgi
Static task
static1
Malware Config
Targets
Target: 6e54978ecba3dbbac3da616d7eeb1b72ab9c409ade12a032c22da9bc542367da
Glupteba payload
Modifies Windows Firewall
Executes dropped EXE
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.