General
-
Target
e272a8e5849eb3162ef87dbfd960334ad8651b27a80efab4feae05d675be88e5
-
Size
4.1MB
-
Sample
230330-jz9wwadb7y
-
MD5
cdf9431f0026a64140304a1fb276f20e
-
SHA1
895129ae84ac33d6930947b05cc9009593496c7f
-
SHA256
e272a8e5849eb3162ef87dbfd960334ad8651b27a80efab4feae05d675be88e5
-
SHA512
1bcf82353672924ed9dbacce2c4245d0111f69ab1a3202c8a1d67f2c58c5eec3b04c02e69e64446962af54f4a35689268a66b6dd98c25069b36b7ae6809ed018
-
SSDEEP
98304:iP+8Gjz2/5fl+QpbTQ5aW6IxpYun6JpGPJD4mrbOPMDh:BlU3vQ51AXGLDh
Static task
static1
Malware Config
Targets
-
Target
e272a8e5849eb3162ef87dbfd960334ad8651b27a80efab4feae05d675be88e5
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-