General
-
Target
8718b54d8e879b0be887d44b790aa4f5d9f18065feb0ffe4856cd464dbe33712
-
Size
4.1MB
-
Sample
230329-jptf5sfc99
-
MD5
ae1dfc36ed70ca13d4aa9113e5befe4b
-
SHA1
6590a131356a5f2754569527ea6d897debcf93a8
-
SHA256
8718b54d8e879b0be887d44b790aa4f5d9f18065feb0ffe4856cd464dbe33712
-
SHA512
495d152b0e45a2b3f80903582217070227f4b4a471fb5d0a4d8ea8ad33a44b76355f6b82e82b2c1d965fe84348f1496c9b1f370f87b481c5c9f755d7684f86e5
-
SSDEEP
98304:fW4FkGrzhLMOTvhVFfVuonqfevvibb7iZVbmcTXxyf92/lWz/H:fnFkG/pMmZzNuLfeY7ybHE2u
Static task
static1
Malware Config
Targets
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.