General
-
Target
898c15c06bbc18266fa3e8f0df76b2da44aa836f2b8ca72efa58a40a108c331d
-
Size
4.1MB
-
Sample
230328-y68dyseh6v
-
MD5
1a186874333f1c1a56b3ceace54beee5
-
SHA1
f82c09340feaff50adaae0ac7b81ce86c1891f86
-
SHA256
898c15c06bbc18266fa3e8f0df76b2da44aa836f2b8ca72efa58a40a108c331d
-
SHA512
8883a85b6ffad60fa6a7c2e511f806e0a21d883577dd61e02bae5c61a0d4cfbb03c0955eaa1034864ded5ec67dac11eec997f84bb366ecdb471be0237d77f7e8
-
SSDEEP
98304:1gllZtUzyXaTUcZNWhxCJtdbhiVLOMs9LZsG/IJsSDtGFin:1g5iH4cZyxCJIEgGCswEin
Static task
static1
Malware Config
Targets
-
Target
898c15c06bbc18266fa3e8f0df76b2da44aa836f2b8ca72efa58a40a108c331d
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-