General
-
Target
f9e835e7fa4a60a8e33c7cbd236c854f03d1189c368ad1a5f0e7c7ed58dc3cca
-
Size
4.1MB
-
Sample
230327-1agmgafc95
-
MD5
41a9f3cc61b41234e0031f3c34b9aeaa
-
SHA1
feb27bf65015870716dcffe51dd81e2181cc7f89
-
SHA256
f9e835e7fa4a60a8e33c7cbd236c854f03d1189c368ad1a5f0e7c7ed58dc3cca
-
SHA512
0019c26a102b4325336c51dde0eb55a2955d68c3f56eb5d8414976346636e1f83b90763e5918b27cd1cfe23dbb4f2c4866c815ad12c88b0b342b56ca7114a97b
-
SSDEEP
98304:aUwzay3/eNse6eXt0f8PeFsnpObm1b2OjOkqWQTMeoC8X2wWLO3gZWLQr1jYm:arey3/rCMGeMIyN2ObnbXIS3LQem
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-