General
Target: 3fb3a40393be6f176abbf506e41f1604bf1494b2f020b479ff60d144a3faa770
Size: 4.1MB
Sample: 230329-zz88cabe8v
MD5: 14af1310d4b1e2a87927a68e0a76c196
SHA1: 46b5b3abfb3d38cd9b8331cfe3013d610e083513
SHA256: 3fb3a40393be6f176abbf506e41f1604bf1494b2f020b479ff60d144a3faa770
SHA512: 55bdd5419dd0d58637bc4ae6b147f0767b346d26ebef30d51acf8585f9c65fa31a8443ce3619e987a34cc4a3dde35f8fd8151c73786ee61289d1269762c87553
SSDEEP: 98304:+4uVxM3T2z2Z+Br/+HuD+R2hPpQm3zgYNYYPVpuUptl:CMKz2Z1HuD+6lN9PL
Static task
static1
Malware Config
Targets
Target: 3fb3a40393be6f176abbf506e41f1604bf1494b2f020b479ff60d144a3faa770
Glupteba payload
Modifies Windows Firewall
Executes dropped EXE
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.