General
-
Target
a514523f7ad5de15cd7d434b0e8239517a51da9af0d39df8f28cf761ce18b5f1
-
Size
4.1MB
-
Sample
230329-3jc2rabh6x
-
MD5
fcf86b9a799ea48140411edf920b9824
-
SHA1
81192356d73cdcca8624d1d8ba37309fafcc5b0e
-
SHA256
a514523f7ad5de15cd7d434b0e8239517a51da9af0d39df8f28cf761ce18b5f1
-
SHA512
273edf98cd6b46628cdc2caa1a0175ab50a12d80521e494027fd325d7e112cf8110b70984827caa99dc99d1d5adddf0cbba2fd3e10f17d14f637d63dec9107ab
-
SSDEEP
98304:RBxzdpH15bUFqXTsM1L0NlUAzzctxmpG5AzXLUQW/d3UXoBfYPDTK/0l/r0:5V5b3Qe0MAzzqmpGU7UQMd3UX6YPDq06
Static task
static1
Malware Config
Targets
-
-
Target
a514523f7ad5de15cd7d434b0e8239517a51da9af0d39df8f28cf761ce18b5f1
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2
-