General
-
Target
90e3251feb3fad0fbadb72a6c6ab36edf9e432286de2cbf26fce1da445b42386
-
Size
4.1MB
-
Sample
230329-rsar7sgf83
-
MD5
de31779c02b1160e03a99e7dbeb7142e
-
SHA1
1ffc0f5e944c40bbfda12c978c3150c10281b1bd
-
SHA256
90e3251feb3fad0fbadb72a6c6ab36edf9e432286de2cbf26fce1da445b42386
-
SHA512
cb9ee0ac803105f6fc61cf61de5101255c942d349dcb6d5e24d42e410722f0fa1a326913eeded34d835f205741e810930048594be99b09450c7a7fba37f5e832
-
SSDEEP
98304:Mn7DsKGaqVohMV3iM4rojo/8eRQfWle7+NTITxGbeKkQCv5:83B+EyiMgojz7JTxc/k/v5
Static task
static1
Malware Config
Targets
-
-
Target
90e3251feb3fad0fbadb72a6c6ab36edf9e432286de2cbf26fce1da445b42386
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-