General
Target: d2576905645b4fe6ff67df50e9755d0e1678749ec67e1a507a19f8585ec3fdd7
Size: 4.1MB
Sample: 230328-qm1wrsbc37
MD5: e05a20dbbcddc7f11ea8fa39b406a4a2
SHA1: 6a63b00422b4c4f88b35dd6b27f91cd4fe197e61
SHA256: d2576905645b4fe6ff67df50e9755d0e1678749ec67e1a507a19f8585ec3fdd7
SHA512: 527fb7ef6632bda5b2592ac12691685d2dcdd6dfbd4d6c3862d7905cebc873835c009408772c3e8ece001c34329346880a1b6ad04920a6f23b416ab9ae62f65c
SSDEEP: 98304:a4LaDeNSuyCmO874np0mdKzD7v784No7HRz4M8yO6ABNo:rL2eNS5OY4nlKD7v78uorR07s
Static task
static1
Malware Config
Targets
Target
d2576905645b4fe6ff67df50e9755d0e1678749ec67e1a507a19f8585ec3fdd7
Glupteba payload
Modifies Windows Firewall
Executes dropped EXE
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.