General
-
Target
0b89a63dbcbb9cdd571940753163dca5290653588c094c96f34b3c438d03e44c
-
Size
4.1MB
-
Sample
230326-t8d6nshc45
-
MD5
2766a076ad2b0dc63890695c8cb6b1f2
-
SHA1
bd5aeeb543e8025239831c9f9a09121119e4a9f5
-
SHA256
0b89a63dbcbb9cdd571940753163dca5290653588c094c96f34b3c438d03e44c
-
SHA512
d9914d5a4606842fe5ded97be11275cf20f9a76b6384cb16271e067981e7fc82980ddb65d386d38ae9da9c4f53d42deb72dc9e862d3aba883e7ef03c8cfc438a
-
SSDEEP
98304:QJD17W0UqpuspM8+PKArk0jkiRIayPIQZwFWr8L:WFW0Ua+8+dxjm3Pbix
Static task
static1
Malware Config
Targets
-
-
Target
0b89a63dbcbb9cdd571940753163dca5290653588c094c96f34b3c438d03e44c
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-