General
Target: 4a23a6c3308a3c17b2252c4272bd281bc286c8653ec69ba16b91ee36df85c775
Size: 4.1MB
Sample: 230331-yk6y1aec61
MD5: d19110614d7333cb24a4563088a1d6a4
SHA1: 321c59f2ee475b964384d2ce05640ff3d34376cd
SHA256: 4a23a6c3308a3c17b2252c4272bd281bc286c8653ec69ba16b91ee36df85c775
SHA512: cf66c0c974a70877bce866d81de9425e6ad6c77f127109da87add7f103d176b02a0866ab316ae90dab48992d088110748382221b16ca6b2278ac7f22aa1bf440
SSDEEP: 98304:dPWbmmQf6bYMIlp2fj7SK7VpaTBy675FsxVh5:5WbvQf6Eyfj7t7VpaTBJ5eVh5

Static task: static1
Malware Config
Targets
Glupteba payload
Modifies Windows Firewall
Executes dropped EXE
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.