General
Target: b3b4b03e94aad6439f82c3663ef7f080b7950427d4678f63dd9abff383f03692
Size: 4.1MB
Sample: 230327-p7wl4sfe8w
MD5: 1e19aa3dc82d8ca61007086e36e2fa67
SHA1: 7e90524c34e6083b213a1cbafe64ed4c139ef991
SHA256: b3b4b03e94aad6439f82c3663ef7f080b7950427d4678f63dd9abff383f03692
SHA512: 7b77ebc41e16eea14e16529d405ebaaeca58db22743350ce8b5a277f9b8394de9fbbce2a0b6473ac62c5e48bbaf84595bfc09580fbfa1f9b03b08bb18f4c487a
SSDEEP: 98304:yLqWm8EUt/RsxsyuOliVwdHZMwkg3X+WAEpeoGZdB:jynt/Sxsyu+yc2wkUX+GURD
Static task
static1
Malware Config
Targets
Target: b3b4b03e94aad6439f82c3663ef7f080b7950427d4678f63dd9abff383f03692
Glupteba payload
Modifies Windows Firewall
Executes dropped EXE
Adds Run key to start application
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
Legitimate hosting services abused for malware hosting/C2