General
Target: 4d2a5fda122568b052e6b8cc9887b89b910434b85c49016ae002d36e1be26689
Size: 4.1MB
Sample: 230327-1jhk5ahd5t
MD5: 30b705a2ed8d7896f81947100214d95d
SHA1: c6410896be3802d282139dc698ad10a9b004697a
SHA256: 4d2a5fda122568b052e6b8cc9887b89b910434b85c49016ae002d36e1be26689
SHA512: 9c15019f840d5761a79e196cb8555f15f919e13537e5c7f475072cbec579a9734e942480e0bc6dcb907b74b777846d4d594951907f71a3dcb8d68fe1c2b14c5f
SSDEEP: 98304:hsga/db54hpOTZGP3wo0ZMln15HTLEPxA/IhAljsmF:hsga/1gj04zaA/IoH
Static task
static1
Malware Config
Targets
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.