General
-
Target
6b3c6ae2bc0fe80656f8d36afbb04bf8b84e425542218b486a5241f4202ea7d6
-
Size
4.1MB
-
Sample
230327-qzr5dsdf79
-
MD5
efb29dec18e208c1bc2a97d0ab1b8c9b
-
SHA1
d45cf3ab36cb56383287b3f1de5d80464cbbfdec
-
SHA256
6b3c6ae2bc0fe80656f8d36afbb04bf8b84e425542218b486a5241f4202ea7d6
-
SHA512
01227649cde0501e88eca71156f18d44c02918365476127a2b6bd752d596b2ea303c344a7922e5d0c2aef9756be0297fe8823f82663aebfae7a612aacae8b0a9
-
SSDEEP
98304:qkqCk810HajeBhok089IZwzx3irAwQJoxf5Z:uw1neBhrj9I2GQJG
Static task
static1
Malware Config
Targets
-
Target
6b3c6ae2bc0fe80656f8d36afbb04bf8b84e425542218b486a5241f4202ea7d6
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-