General
-
Target
0fc8cdc6baa702ca03bee2737a4ec0070d69be196092d7bce719c13a646b30ea
-
Size
4.1MB
-
Sample
230326-nk52laac4x
-
MD5
527b5b8814fa5c6654071018ee6f3af0
-
SHA1
2274b953c7552e70920251dba1f5e43f93c1d04b
-
SHA256
0fc8cdc6baa702ca03bee2737a4ec0070d69be196092d7bce719c13a646b30ea
-
SHA512
1844bb3f1daaebe827719fd2d73075cddd5271f0b6285fa4f02d14b13394580277853036453ef02ebea4a1af8ef3f0390c13cd5fbd8a01332d20d2028ba02405
-
SSDEEP
98304:ViGIF0rUD4kkX5/Z9a3jHzxa0o1kMvnM4Cc:AGImQDTORZiH+1kMfM4Cc
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-