General
Target: 9f4f0243d3916b77517e39762dda20b81f9f473b6398c36435bfabb02c7cfed6
Size: 4.1MB
Sample: 230326-trvr4ahb59
MD5: fc89d686700e46edeb6942c7fdfddd1c
SHA1: ef6d0770f6d3fa833813a2b7a89e0c59454f4da3
SHA256: 9f4f0243d3916b77517e39762dda20b81f9f473b6398c36435bfabb02c7cfed6
SHA512: 6d32921875a625cd33145cb6687ad9d821f4d30ac9f5af32903a24d8c73af9fc043cd3b42ac3709b1965e4538c7905efbf3d5b68353aabe942ee870997906e8a
SSDEEP: 98304:LAJRoLUMI2EcipwIPFl2pMJZ6FwN+3+i8fL6JVlgyihaV:8JR8UMI2EnWIPT2pMJQFKI4vPa
Static task: static1
Malware Config
Targets
Target: 9f4f0243d3916b77517e39762dda20b81f9f473b6398c36435bfabb02c7cfed6
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.