General
-
Target
1e88dac8ec81b147652599306d6ee12b8d8332676f101d49a28b7a4db715d376
-
Size
4.1MB
-
Sample
230326-twkspabb3s
-
MD5
cad21db3259c2666d2e860ac881b1854
-
SHA1
dcf65193b7380aa5f6d00c9ed2fd9634b43287c1
-
SHA256
1e88dac8ec81b147652599306d6ee12b8d8332676f101d49a28b7a4db715d376
-
SHA512
c03f55f2cc0c5e1d17766a2aed518eab36f98384268ec96a54feb80abf82b2bbed8be5db65f2a164cc286310a7518e3d7f486412f46f342c8200cb5f4b0507ac
-
SSDEEP
98304:LAJRoLUMI2EcipwIPFl2pMJZ6FwN+3+i8fL6JVlgyihaI:8JR8UMI2EnWIPT2pMJQFKI4vPn
Static task
static1
Malware Config
Targets
-
-
Target
1e88dac8ec81b147652599306d6ee12b8d8332676f101d49a28b7a4db715d376
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-