General
Target: cdc7682a084a9d16e492add7b415a490d2f9dce6a30fc21768d2743940e6aae9
Size: 4.1MB
Sample: 230328-m2sl6acc4t
MD5: a492d37aa341abd299772e36d22a1411
SHA1: a569b25c5407a2d4d8010bcbb23c1ffebb16111c
SHA256: cdc7682a084a9d16e492add7b415a490d2f9dce6a30fc21768d2743940e6aae9
SHA512: 8367a5414ac62f20557213ca3ae32f729c126d77ad543ab0f937b1a2429ad3c7f48378319879f28fe5f3a526311e4e64262cee77f22e2e66db85073d90ff8f84
SSDEEP: 98304:iBoegsbIG86j/mVlYg2sV/zOslj3tUCnDla4qTJ8R:iBoeg0Ifszg2sV/SM3jDla4qlO
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-