General
Target: 05c0b1d16ecac689c56bfeaf2bbe93eb374021c9358f6b50f3e52f21912ff934
Size: 3.8MB
Sample: 220509-aydbvabgf5
MD5: b3b4f5d9c8059471bbfd46fbddab3115
SHA1: 978481727403997db4c82de8976edd6f23f46e24
SHA256: 05c0b1d16ecac689c56bfeaf2bbe93eb374021c9358f6b50f3e52f21912ff934
SHA512: 2a026db45d029571d75e0810bf0caf7097be12bcf6664beaf76c2bc4300760db6c70849204039b0a39105f073c2fbb1101616d4a730939fbe01f63988b855c19
Static task: static1
Behavioral task: behavioral1
Sample: 05c0b1d16ecac689c56bfeaf2bbe93eb374021c9358f6b50f3e52f21912ff934.exe
Resource: win7-20220414-en
Malware Config
Targets
Glupteba Payload
Suspicious use of NtCreateUserProcessOtherParentProcess
Modifies Windows Firewall
Modifies boot configuration data using bcdedit