General
-
Target
40f4b7f3ab4434ee16206f8e3a0eea19d316f94acbdb5f8d5111c9ae9db2ef21
-
Size
4.1MB
-
Sample
230327-q3l3jsfg61
-
MD5
5ca7ae46151d4649da9371699d5896d2
-
SHA1
9643aae907f7ca38bdde1dbe2ccd1d76e77ace59
-
SHA256
40f4b7f3ab4434ee16206f8e3a0eea19d316f94acbdb5f8d5111c9ae9db2ef21
-
SHA512
b221816fe1d0d84569f12acef4496807f3854c34df464e09ebd3b5d88bac35473c6b9bff3231dc2310a6517b5ebab6e5000c6578c7391bd4734303e658ff341d
-
SSDEEP
98304:qkqCk810HajeBhok089IZwzx3irAwQJoxf5d:uw1neBhrj9I2GQJm
Static task
static1
Malware Config
Targets
-
Target
40f4b7f3ab4434ee16206f8e3a0eea19d316f94acbdb5f8d5111c9ae9db2ef21
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-