General
Target: cd6574c586fb16baedd4db4af297823d76c224fb260a7d0dbe05045817791a89
Size: 4.1MB
Sample: 230328-x3snnaed7x
MD5: d4e2c915b6daf7dbb958c2794c297611
SHA1: 21aeaf4d67e16b0a1b0f903d198eff988fbcd169
SHA256: cd6574c586fb16baedd4db4af297823d76c224fb260a7d0dbe05045817791a89
SHA512: 8f6b541d1973ef34e6097e2963501611a7cab53b15f041f6bce5d32b0501e5e9b4036d23107b699ddb318d467274aa7473d6a25419f618185f3843906aa801cc
SSDEEP: 98304:m5WAcVPIJkEpWqzo2CYKTP49xfEJicYRmST5XhK2k70cb:MCweEp5zo2C3TP49cicYoGdU2A0cb
Static task
static1
Malware Config
Targets
Glupteba payload
Modifies Windows Firewall
Executes dropped EXE
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.