General
-
Target
d80f9a318e1c4810af701164cfc776daa78f8e105d13b83a98235462ad78255e
-
Size
4.1MB
-
Sample
230326-rjlhcaag3z
-
MD5
6521f607b1749c8e57946cba7e1350d1
-
SHA1
838d10f6f8c639ab970e6cb25f3f64858677ea8c
-
SHA256
d80f9a318e1c4810af701164cfc776daa78f8e105d13b83a98235462ad78255e
-
SHA512
cdb0c89b8bb1d4479487503826a431dfa62c498e40fd24d66d12fb9c64493cb95baf71b5f842e42c22538bd67a0d770fd74a81ea6e2d7f71b96d9ea735ad7fef
-
SSDEEP
98304:VmBK0A75SeBxCWoYDzhR7nU3M2jSMFp3FUUEuMy:V4KD7tBxRZPhVU85MFpCtub
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-