General
Target: 5f752edd878a2d07aa9f547b93e07bfd405b7c71bcf9672658f39b2277b5f276
Size: 4.1MB
Sample: 230326-y4ct9shh56
MD5: 0c2a9e8164b237934e0ba5817b9a9b4a
SHA1: 1b66165760174a3e666d4481f8dc05bcf616df31
SHA256: 5f752edd878a2d07aa9f547b93e07bfd405b7c71bcf9672658f39b2277b5f276
SHA512: a6e98190aa1722159f2bc144dc59ad8d325fc9d9ceb46e240cf565365b909c18464987a5370fbe57bd6b9e087cc68bcbedf1ce890338ca098069ec6e3bb7a9a1
SSDEEP: 98304:s/3z+q3kCw6T/jJgazfJD3b78JfkS5ao/0O4bwkh:Wn3kVa/jJgazpL7SkS5aoNk
Static task
static1
Malware Config
Targets
Target: 5f752edd878a2d07aa9f547b93e07bfd405b7c71bcf9672658f39b2277b5f276
Glupteba payload
Modifies Windows Firewall
Executes dropped EXE
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.