General
-
Target
4a70ca67e0b0a566376f4b9f0c9b664c0de73ac045b2c5e374803a03a331290a
-
Size
3.9MB
-
Sample
220509-axzhpabge5
-
MD5
fde4d833e05c516a212f640bb67307f0
-
SHA1
ff9dec62591e58b878bd1547b3c29ff39117e76b
-
SHA256
4a70ca67e0b0a566376f4b9f0c9b664c0de73ac045b2c5e374803a03a331290a
-
SHA512
7500b85f3121b9b25636d50cc7d90fd0bd22e138dfc04ca06e973bcef84ee1e5d2bb408b0e0998e4caf6aafa58ae31b4a0a06e32f5b30e6c451f6cfa24ec093c
Static task
static1
Behavioral task
behavioral1
Sample
4a70ca67e0b0a566376f4b9f0c9b664c0de73ac045b2c5e374803a03a331290a.exe
Resource
win7-20220414-en
Malware Config
Targets
-
-
Target
4a70ca67e0b0a566376f4b9f0c9b664c0de73ac045b2c5e374803a03a331290a
-
Glupteba Payload
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Modifies Windows Firewall
-
Modifies boot configuration data using bcdedit
-