General
-
Target
9d75b3af5ee7ab0cd804cd184d7f16186176460ac137e0b68d400ddcbd1a40e8
-
Size
4.1MB
-
Sample
230328-3vaqrsff3v
-
MD5
f96acfb3472f8acb891789a2d78a362b
-
SHA1
67d58b71e66958761b544d4fcd141d3f276c127a
-
SHA256
9d75b3af5ee7ab0cd804cd184d7f16186176460ac137e0b68d400ddcbd1a40e8
-
SHA512
d9763a4a8f05a0d362114af0a45dc2dda76fed954937847c5e767ac3eb1c29064bb07ecaca839382344965246173e2bd9bdba3b935de2b82d3a716791e11a56d
-
SSDEEP
98304:g9KBPP4wATZUdpDaBq3Icw1Qa4TR0EJxRxOJvMxxWLY:1TAVax4c2QaYR0EJ9OJvMx5
Static task
static1
Malware Config
Targets
-
-
Target
9d75b3af5ee7ab0cd804cd184d7f16186176460ac137e0b68d400ddcbd1a40e8
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-