General
Target: c3208e83f4e0424f5f6648ebd60fc79febc6cb91590f5fefa324ea094904b046
Size: 4.1MB
Sample: 230329-jlh61afc77
MD5: 9e9fde4123b4c014b10d02882ecb4d18
SHA1: 860034ef167de36b4c3d141d8bc556fc220d6e21
SHA256: c3208e83f4e0424f5f6648ebd60fc79febc6cb91590f5fefa324ea094904b046
SHA512: cc1f36700100de2e348f5673fb54e66cc79c70da42e5dd7008d50fe99da069396148bb63255ae1b4295de196d37b616944cc985ae2da319a0c9f255ca611f808
SSDEEP: 98304:fW4FkGrzhLMOTvhVFfVuonqfevvibb7iZVbmcTXxyf92/lWz/u:fnFkG/pMmZzNuLfeY7ybHE2D
Static task
static1
Malware Config
Targets
Target: c3208e83f4e0424f5f6648ebd60fc79febc6cb91590f5fefa324ea094904b046
- Glupteba payload
- Modifies Windows Firewall
- Executes dropped EXE
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.