General
Target: a6c4b472a1b9dbe28827aa9a539017af2b3b0fe1edc81b9a040ead3a6ebcba4b
Size: 4.1MB
Sample: 230326-vc161abc2s
MD5: cc996fcdf7fffefe2886d19dc0891f53
SHA1: 7055c55a57328d2e6e52e33ba93dc27a63550082
SHA256: a6c4b472a1b9dbe28827aa9a539017af2b3b0fe1edc81b9a040ead3a6ebcba4b
SHA512: 839c66ebdbcefacccffe642bb1e7da66c551e8e286bf02f92afaf7465e5225168c6e8dd1b7661551ea1c0cd456357206206ef341388c03b2f53c5bb860d584e5
SSDEEP: 98304:zr26hzV4BSCAmhxfdnO3iGF8VPGOZz1YfxoltOV/iiODAg4Ykz5wj5I:fV4BSCA8FpO3ByYOZzufxoltOPM9LjW
Static task
static1
Malware Config
Targets
Target
a6c4b472a1b9dbe28827aa9a539017af2b3b0fe1edc81b9a040ead3a6ebcba4b
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2
-