General
Target: 0859d7dfade10b48db90836964b2afeae388b67f7f7be8fb7b9fb32ad0e6663a
Size: 4.1MB
Sample: 230326-q8va4saf8v
MD5: 194291a077ddaaa890eb16ff7daf49dd
SHA1: 7212523bbdef7a82c27df15a276c57c7f143d78c
SHA256: 0859d7dfade10b48db90836964b2afeae388b67f7f7be8fb7b9fb32ad0e6663a
SHA512: c7f6fbf64a7d5627e02b01bc392e3c843afb58d7a28c4f017200c59e69b407ff83e04635c6933389dc40a63f4afc92eed1b4f046445b027c7d2e3de073e6787e
SSDEEP: 98304:VmBK0A75SeBxCWoYDzhR7nU3M2jSMFp3FUUEuMt:V4KD7tBxRZPhVU85MFpCtuw
Static task
static1
Malware Config
Targets
Target: 0859d7dfade10b48db90836964b2afeae388b67f7f7be8fb7b9fb32ad0e6663a
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.