General
-
Target
18bcc0f2ac4988ac4f7825751b1cbe9599d793fbd95b28412c7491824c716424
-
Size
4.1MB
-
Sample
230329-fj2nsagd7t
-
MD5
0cd288c1f9a342d33fc85c4d1860cd42
-
SHA1
73565d866e96065a3e770397ec08e37bc591a53d
-
SHA256
18bcc0f2ac4988ac4f7825751b1cbe9599d793fbd95b28412c7491824c716424
-
SHA512
7c76fd215ec0c65a9ebe518e3d17fe129f5600fa3fed94448b61b69f1800283a5e00c94ac3a305fe4c57602aa643a4f841c3fde2d2e8d799fcc56a9c1985aeee
-
SSDEEP
49152:JN2l4VeDtRb5/MTnXvqtRMxP2qS6Z/KLTiHgpeNH8hOYLUroIhqZVN51w7Gdg7+R:j2y7XvXxeqtV4NpeNcsDSO6g71clx1uo
Static task
static1
Malware Config
Targets
-
-
Target
18bcc0f2ac4988ac4f7825751b1cbe9599d793fbd95b28412c7491824c716424
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-