General
-
Target
67d79b1a32a21aa308ccfa661c2093472a7ec393375f164aee00c9bf6388a90b
-
Size
4.1MB
-
Sample
230328-l361haca9s
-
MD5
b3b8d610cd1ef8b600d6bbb040d8233c
-
SHA1
6bf3b4fd7b28f824d4d326994f4434e2c63cb876
-
SHA256
67d79b1a32a21aa308ccfa661c2093472a7ec393375f164aee00c9bf6388a90b
-
SHA512
fb9e4fd33e288f839adc372e788ed4b574421991ca6246b7c82d57848ef282cd482729ae73220e77fa4e2db3a2e75e88eda9349ad9e7bbc7edaa3a2c340c85cb
-
SSDEEP
98304:Ayh1jETwblZHBMNSSg7jKCQXGyLLsWJ3FPCckKmv3C8niJQw:1tbD75Q2yLLswFPCckKiix
Static task
static1
Malware Config
Targets
-
-
Target
67d79b1a32a21aa308ccfa661c2093472a7ec393375f164aee00c9bf6388a90b
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-