General
-
Target
9727b7c5b6553c73af07f3cff4ce90a0f3147614e421624eee0287908b588f0a
-
Size
4.1MB
-
Sample
230328-t83h9sdf9v
-
MD5
5f689f342acf67bb3ee632062c1e3e04
-
SHA1
cacd99a7bdcda6086be6e50da055708c47065242
-
SHA256
9727b7c5b6553c73af07f3cff4ce90a0f3147614e421624eee0287908b588f0a
-
SHA512
dfeea9d2cec2f294a980e4d6e29860a5060ebbafb66277e1e5f0c44bf3f255f29cf7c8f7a2beb43b11f89f640572d95afe0651c540f22156cca8eb799f5fa61e
-
SSDEEP
98304:zFkiC6Dxkh193M37JyWckqXzjOES7r9ojcGWjOKoF:RkiCcxkJM34WcfNSNSUsF
Static task
static1
Malware Config
Targets
-
-
Target
9727b7c5b6553c73af07f3cff4ce90a0f3147614e421624eee0287908b588f0a
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-