General
Target: 729d92748f4e9f412c2fb31ce4326c28e10f0557edae47ab93b781dc83c51486
Size: 4.1MB
Sample: 230328-l65a3sad35
MD5: 7a56fcdc0b27b78cf48c3d4d54866cdd
SHA1: 6c26d32184d0815fb87d5bab182a4396d7bb5d1a
SHA256: 729d92748f4e9f412c2fb31ce4326c28e10f0557edae47ab93b781dc83c51486
SHA512: faa2df9a35342247bfc4e2750c6d8f27279bf6599c14b4b2d91d2b2e852438611434ac5678d2b711386e0bca983cae930cffc3633ba5eae6ce1ab8ffbaa6b903
SSDEEP: 98304:M7KO5ns9IuTzF+QIYZlIhMfZaIbJ/m9pEFII/Y8JXr:sLns9RIYZ68ZbFgY/YCr
Static task: static1
Malware Config
Targets
Glupteba payload
Modifies Windows Firewall
Executes dropped EXE
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.