General

Target: 049cc753197b88d01b46fb3b7020dc0dc0a76dfe305fc02173b83299e929291f
Size: 3.9MB
Sample: 220509-ayd85sefck
MD5: c59c45733ce1353f991b514d7727675d
SHA1: a171401188c2db26864d9698df799d1e09afe2aa
SHA256: 049cc753197b88d01b46fb3b7020dc0dc0a76dfe305fc02173b83299e929291f
SHA512: d6f8da3759e884a5a32255a0ceae0d4da7352a7449389ff2a8e103f062263c756898f3c807d699478ab73e67037340e6ad584a53bacf12885ae0adba0bb3e0fd

Static task: static1

Behavioral task: behavioral1
Sample: 049cc753197b88d01b46fb3b7020dc0dc0a76dfe305fc02173b83299e929291f.exe
Resource: win7-20220414-en

Behavioral task: behavioral2
Sample: 049cc753197b88d01b46fb3b7020dc0dc0a76dfe305fc02173b83299e929291f.exe
Resource: win10v2004-20220414-en

Malware Config
Targets

Target: 049cc753197b88d01b46fb3b7020dc0dc0a76dfe305fc02173b83299e929291f
Score: 10/10

Glupteba Payload
Suspicious use of NtCreateUserProcessOtherParentProcess
Executes dropped EXE
Modifies Windows Firewall
Adds Run key to start application
Modifies boot configuration data using bcdedit