General
-
Target
4d8bcd082c5eaf60ce1f6813a5fadf294965a28002d7e3b4b02db07290cdd4e8
-
Size
4.1MB
-
Sample
230328-y7qkjaeh6z
-
MD5
fe223a86eb4295a843ac8f3d2d93be91
-
SHA1
7c719ba559a33b5d23eaf116aa21b50d67fc8c58
-
SHA256
4d8bcd082c5eaf60ce1f6813a5fadf294965a28002d7e3b4b02db07290cdd4e8
-
SHA512
83f30dd2bad2f485be8ceef5caad54b9729661a3aba9e8fe901a90d3dfdc0cf5ce016bb57b1d1556ed6ef436ed5cf75307745ceda5d358e6ea45a873f87e6abd
-
SSDEEP
98304:1gllZtUzyXaTUcZNWhxCJtdbhiVLOMs9LZsG/IJsSDtGFik:1g5iH4cZyxCJIEgGCswEik
Static task
static1
Malware Config
Targets
-
-
Target
4d8bcd082c5eaf60ce1f6813a5fadf294965a28002d7e3b4b02db07290cdd4e8
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-