General
- Target: 733a6225fdf4a0131c7da6cdda0a16a3a2cff920c1fff289dd8c0dd4610ba245
- Size: 4.1MB
- Sample: 230326-vbksmahc56
- MD5: fe07220eff78a4a5e6f9a0e7bcbb4150
- SHA1: 1097354707d7cd8c396806a07b6943ef7a620a1a
- SHA256: 733a6225fdf4a0131c7da6cdda0a16a3a2cff920c1fff289dd8c0dd4610ba245
- SHA512: 3bdf092a9286c7511d30d4097ab04b9d1f3845c2e7e126483f0f73111b6a2414135cbc595c9ddc6b44577265af27eb18fe9c969e4adc94f87948339b27156626
- SSDEEP: 98304:zr26hzV4BSCAmhxfdnO3iGF8VPGOZz1YfxoltOV/iiODAg4Ykz5wj5n:fV4BSCA8FpO3ByYOZzufxoltOPM9LjF
Static task
static1
Malware Config
Targets
- Target: 733a6225fdf4a0131c7da6cdda0a16a3a2cff920c1fff289dd8c0dd4610ba245
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Legitimate hosting services abused for malware hosting/C2