General
-
Target
8c03086c7f4a307bc6ce966c3e90352f284e39d8e0d8fd4fdef20d8531f4ddd3
-
Size
4.1MB
-
Sample
230328-yv3pbseh2v
-
MD5
32af05e8ceea412df35ed3098fc76308
-
SHA1
e160d6563c832cffd9f42f98216e8038fde94b43
-
SHA256
8c03086c7f4a307bc6ce966c3e90352f284e39d8e0d8fd4fdef20d8531f4ddd3
-
SHA512
3c75b022f793ebec6978d37e158f23d962988a51e3955c4f1abd222fe4f1f993c83745858aec4239a110ce9fa9d9159d1db31274291bfebe0220966a0025a0a1
-
SSDEEP
98304:kELwTlvdgEX2NpXI1CvrZ0wYkLx78mDXz//wDHa17+P6a+DsJxVO2PF/:kEaAEXAsCv10rkLuUz//Wa1iPqsJxVOi
Static task
static1
Malware Config
Targets
-
-
Target
8c03086c7f4a307bc6ce966c3e90352f284e39d8e0d8fd4fdef20d8531f4ddd3
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-