General
-
Target
f67dc6b44e11240cda86d02ff214499e1696f6a5612b5dca0aa5dff85c4a458e
-
Size
4.1MB
-
Sample
230327-w9k2qaeg65
-
MD5
dfb9964823bdae17d0b1ae5d880b47a2
-
SHA1
399fdde3015966f789eba553197ba71950993f02
-
SHA256
f67dc6b44e11240cda86d02ff214499e1696f6a5612b5dca0aa5dff85c4a458e
-
SHA512
46a760e8f500996f3e321d547fee42b159a8e647a77b37aa03dfab306624f3a165fbfbdfce0e7b424dc82bba8ea95f072f99ee2a2ead098758980907e13dfb73
-
SSDEEP
98304:rvpOWouYO4mCfghlxU0b33zKayfkyhq08WG:rvAzuYO4JyHaFq+G
Static task
static1
Malware Config
Targets
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-