General
Target: c0d6a03b5c511ad5ac345fddecdbc0ff23ca6006ef872740313d6b8b7643f229
Size: 4.1MB
Sample: 230327-mm5ceada62
MD5: 539245815092a20be5423848b3d6d757
SHA1: 3e12f082145ee81894ea8ac16f6ace15080890e6
SHA256: c0d6a03b5c511ad5ac345fddecdbc0ff23ca6006ef872740313d6b8b7643f229
SHA512: f0319699bb985cb8ae17f4238b359d229bc0d1f9fafbbd11e93771867a8bb45c66bc75404e4988fbc28442d8cfdb4eb2297c9e23a601c9f6cce00a6e9df838b4
SSDEEP: 98304:qlUsq5/mFUy5W3l9xAhU+wp3o0ideZIOvfviQrMRto/4SxZ:aUB/mFUy5W3l8hM3oN4ZIbQrMRtsZ
Static task
static1
Malware Config
Targets
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.