General
-
Target
3f253764e58ab53d24f30cfeaceabe7ce8ae9dfdf75bb379534b1c561b1c2be1
-
Size
4.1MB
-
Sample
230328-s2nabsbg78
-
MD5
3b8dd3501d6c7d56790a3298b139a921
-
SHA1
dade70b3aa92786e649f824f753fcf34a3afac12
-
SHA256
3f253764e58ab53d24f30cfeaceabe7ce8ae9dfdf75bb379534b1c561b1c2be1
-
SHA512
d209be4875e677ddb34ddab6141210ce29d4b7bfe20ccabf0f0d434819cf6d4a6785b746513a9b1785f414933a70ab44db9e8c710a9d049a28eed52b1c32b58f
-
SSDEEP
98304:Jv8VP4qda1AwlCuF+X7nTfk2P7Px/Hvgk/7FHeVAkEdgGt0WI3TL+e:dq8fviU4x/YYeuky0VT
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-