General
-
Target
47ab51892dcaeac4939619bf906c3f6bca828902d5531d051cb877b6ec3f8850
-
Size
4.1MB
-
Sample
230328-p9a37acg5v
-
MD5
b3788cd1aa3cdc377cd5902e4dab60cb
-
SHA1
db7f636f2a05de71dc0a07958ad159efacd493cb
-
SHA256
47ab51892dcaeac4939619bf906c3f6bca828902d5531d051cb877b6ec3f8850
-
SHA512
bfef56ad78ba2f0f4493f5e08f675283c73c7761e88e14e1c347985c0a149fc7e3fa5e18678bc1f3f1c87a1224f09b63a7ef8afe782c607e05c0eb0a14693e92
-
SSDEEP
98304:a4LaDeNSuyCmO874np0mdKzD7v784No7HRz4M8yO6ABNh:rL2eNS5OY4nlKD7v78uorR079
Static task
static1
Malware Config
Targets
-
-
Target
47ab51892dcaeac4939619bf906c3f6bca828902d5531d051cb877b6ec3f8850
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-