General
Target: b83042ce721971e96c124e7d534d0ec1516050bbcd84c8b7da76f9e06a890302
Size: 4.1MB
Sample: 230328-zlw1vsdc73
MD5: 6d836acf9bec5f5020a9f075448cde4f
SHA1: 3e0f0f5233be9f3a17c74c96a5a110de0f42a6fd
SHA256: b83042ce721971e96c124e7d534d0ec1516050bbcd84c8b7da76f9e06a890302
SHA512: af6404eee6d04b7ee3b538edb5e87a25b451fc0671d9d5546d2b3125b32f4ad72f48fa1f4ee02ab9e4bf611c34c26b60212131b1a1a8428cfe00de9e9c9d866c
SSDEEP: 98304:1gllZtUzyXaTUcZNWhxCJtdbhiVLOMs9LZsG/IJsSDtGFiK:1g5iH4cZyxCJIEgGCswEiK
Static task
static1
Malware Config
Targets
Target: b83042ce721971e96c124e7d534d0ec1516050bbcd84c8b7da76f9e06a890302
Glupteba payload
Modifies Windows Firewall
Executes dropped EXE
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.