General
-
Target
a02962bc04071549e766fd521a214f6126a991f3b44bcec0a56ae67eb2fa8cce
-
Size
4.1MB
-
Sample
230331-x8vefaeb8s
-
MD5
528c68619bdac729a881bafd03abb5e2
-
SHA1
f3a8c890e2692ebcb52a2c586bae5f9f849752f9
-
SHA256
a02962bc04071549e766fd521a214f6126a991f3b44bcec0a56ae67eb2fa8cce
-
SHA512
e6cade00ab9e9caac082b599b8840f519972c80a113f4bcf5a6b176740c83bb5582d7d03ef488bd09397d871991db4ec082fdb501465c40aeecd3761effc4934
-
SSDEEP
98304:dPWbmmQf6bYMIlp2fj7SK7VpaTBy675FsxVhJ:5WbvQf6Eyfj7t7VpaTBJ5eVhJ
Static task
static1
Malware Config
Targets
-
Target
a02962bc04071549e766fd521a214f6126a991f3b44bcec0a56ae67eb2fa8cce
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-