General
-
Target
db0199bb543a4bd5445a8a2542455ef85954f56fd29a7b44448c889369dac0fb
-
Size
3.8MB
-
Sample
220510-xj1j6afgd5
-
MD5
3e4d6d3f7d90cea67c269c8dbf14dc65
-
SHA1
c49fc41d4972db37ba62d0e590e008a04e8f1f22
-
SHA256
db0199bb543a4bd5445a8a2542455ef85954f56fd29a7b44448c889369dac0fb
-
SHA512
09903a6e50541747758f55740b723216946af4325d2f44d4882a81d1e279b46e1b0c70d0fb806ee5820f326472dca7af8f20a04b5669144c4b9d782c54200f67
Static task
static1
Behavioral task
behavioral1
Sample
db0199bb543a4bd5445a8a2542455ef85954f56fd29a7b44448c889369dac0fb.exe
Resource
win7-20220414-en
Malware Config
Targets
-
Target
db0199bb543a4bd5445a8a2542455ef85954f56fd29a7b44448c889369dac0fb
-
Glupteba Payload
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Modifies Windows Firewall
-
Modifies boot configuration data using bcdedit
-