General
- Target: d594f88cced91698789df7bc7ade53fdbe6dc5dbd711791aef401ced3a2c8185
- Size: 4.1MB
- Sample: 230327-qhl7taff6s
- MD5: 89ff4a23751bfba8d8c46b8fcaef9e5a
- SHA1: 8f9c5137c3c5b7f5e028df8d6e4ab576143441c5
- SHA256: d594f88cced91698789df7bc7ade53fdbe6dc5dbd711791aef401ced3a2c8185
- SHA512: 637ce21e6fb5ee6bb9a3a1cc301c99e2c2a9c6062ae8fad0cae16aae2610472f35408c6054971920c0b78526eb7f2769123ff8e1c58dfa4e8d0c88e8283b9351
- SSDEEP: 98304:yLqWm8EUt/RsxsyuOliVwdHZMwkg3X+WAEpeoGZdY:jynt/Sxsyu+yc2wkUX+GURi
Static task
static1
Malware Config
Targets
- Target: d594f88cced91698789df7bc7ade53fdbe6dc5dbd711791aef401ced3a2c8185
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.