General
-
Target
0250bc836990646793c80eaf6d70ec83e080be0a85b77b00e345afedb7153e12
-
Size
4.1MB
-
Sample
230329-z6csqahh97
-
MD5
5e2c9f7967fc37218488c70e405e580e
-
SHA1
42d14e24aca89580777f5d572600d330019c63c0
-
SHA256
0250bc836990646793c80eaf6d70ec83e080be0a85b77b00e345afedb7153e12
-
SHA512
5e202bb1d35e17f8a2e5c09ae0a9a4136490c908a326c729bc9e53a02703af467bb3f776f55e09a68998061eabc9c3c99b6adb8dcfd21bef872f700fab0996f4
-
SSDEEP
98304:j1nNaYEaCOUIf9xJUVtMrBR0vBXQbkhPhgFBDIGo:qYEWz9xWVoRQBXbSFFIGo
Static task
static1
Malware Config
Targets
-
Target
0250bc836990646793c80eaf6d70ec83e080be0a85b77b00e345afedb7153e12
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-