General
Target: 82505dba411b0edbaf6048a87e981b565493b2702c6288e7474d71a9e194205c
Size: 4.1MB
Sample: 230326-rg8j4aag3s
MD5: aec6fb21e2f175be6f47c7af0fca320c
SHA1: e989730ac0a04bac64a3894c1c6a3b4eccc3669c
SHA256: 82505dba411b0edbaf6048a87e981b565493b2702c6288e7474d71a9e194205c
SHA512: 075ed0c636f2ee43b7cb60db6d1f764034ebb736d79fa872d15a21696ccc2be88b1ce91835caf9dfa057e10fe1296172128dcad1da364e77812595266b0d83dd
SSDEEP: 98304:VmBK0A75SeBxCWoYDzhR7nU3M2jSMFp3FUUEuMY:V4KD7tBxRZPhVU85MFpCtu1
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-