General
-
Target
7d9f0498a085094154df79464fac02e6dde28aa8213b250fe383ff7bfb5f808b
-
Size
4.1MB
-
Sample
230331-y4lgeadb49
-
MD5
6cfeb8e8284d7be248580946ae604979
-
SHA1
45526a23491fd5b78ac8aa346387633f892a41d7
-
SHA256
7d9f0498a085094154df79464fac02e6dde28aa8213b250fe383ff7bfb5f808b
-
SHA512
7071d2e439f291d8e033eaf7394d37691b05d703cad1673874e76932c53a3510a2374f0f7d7eaf57e4b5bcc0fc9039fd4d64e7c57ce49aecbc23f18634c7e071
-
SSDEEP
98304:dPWbmmQf6bYMIlp2fj7SK7VpaTBy675FsxVhV:5WbvQf6Eyfj7t7VpaTBJ5eVhV
Static task
static1
Malware Config
Targets
-
-
Target
7d9f0498a085094154df79464fac02e6dde28aa8213b250fe383ff7bfb5f808b
-
Glupteba payload
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-