General
Target: 386da3416c8e51aef1a84ca1a367adcb687e9e503930e414b8fb15817d55deb1
Size: 4.1MB
Sample: 230331-xzbwqscg26
MD5: 625892f2a1a9f5b3be14d5705a9c943b
SHA1: 56b839881c0ad4290238e9a28bf76d8a109a89ab
SHA256: 386da3416c8e51aef1a84ca1a367adcb687e9e503930e414b8fb15817d55deb1
SHA512: fad3968d8130f2e821047066b82aa5961f7a9d65c208be296ea4d062e3a72769c59df8579b956509f33b606e8a0863f40e34a7d8fb84b6754f5b680fa50bef48
SSDEEP: 98304:hRRUxC5GPgH3pv5g9zpuNd1mUn8SKlfmGHYyndf7:hkQcoPBd5MJYy9
Static task
static1
Malware Config
Targets
Glupteba payload
Modifies Windows Firewall
Executes dropped EXE
Adds Run key to start application
Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.