General
Target: dd8b33404210c45e8bbc47b625cddb26fcc67dc6fbbdfef9ba773fd95d840dca
Size: 4.1MB
Sample: 230327-1fnmzafd46
MD5: 3d732483a45627df58f7f18cee1764bb
SHA1: d17471e28a047725b15f367cd5d127b1b9347f4f
SHA256: dd8b33404210c45e8bbc47b625cddb26fcc67dc6fbbdfef9ba773fd95d840dca
SHA512: 973f16eb46a4e12cb987adf4277309b81e2aebcc9de00f2551e9a22ca3ce7d90a7bbea423c2608d7930a349514f111356f89d4305b3d5d1aceddc5e01c51d5dc
SSDEEP: 98304:hsga/db54hpOTZGP3wo0ZMln15HTLEPxA/IhAljsmJ:hsga/1gj04zaA/IoX
Static task
static1
Malware Config
Targets
Glupteba payload
Modifies Windows Firewall
Executes dropped EXE
Adds Run key to start application
Checks installed software on the system
    Looks up Uninstall key entries in the registry to enumerate software on the system.