General
Target: 425b0d3db844540d651f3e73de45481551c53538784bcb6afbd8dfc0f36dcb26
Size: 4.1MB
Sample: 230327-s71slseb49
MD5: 61ed6b21f4c0f81abd2712158d55ce24
SHA1: 74a022cb97b4f12027aba6509aca47a1bbb8f90c
SHA256: 425b0d3db844540d651f3e73de45481551c53538784bcb6afbd8dfc0f36dcb26
SHA512: e49ea220af22803475dd782a13ca7fe830587e76e6f09a13b87db0d1d3b329b0bb5e90d69bfe90c9cb0701b98f8bbb35a0eba6b3c1a5efcf5c9e6cf3d78fe621
SSDEEP: 98304:pcQlmdkIy5xRXReogPeSZi7evWLMsK/WCVYvnizGL:zMp0TexWSZi7ev6U/XVYvniG
Static task
static1
Malware Config
Targets
Target: 425b0d3db844540d651f3e73de45481551c53538784bcb6afbd8dfc0f36dcb26
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.