General
Target: c84050d37aa53bcadb044ac745a47c47b568541b19305de99b7bf029fd2fc16b
Size: 4.9MB
Sample: 220521-mjz9aafadk
MD5: 9f8c0778a90e69bfa594d46148575a13
SHA1: bd09fc2cd7b4f43e07576a75c9cb2f7ac55557e8
SHA256: c84050d37aa53bcadb044ac745a47c47b568541b19305de99b7bf029fd2fc16b
SHA512: bb30fbd73ac88cf424420aa71fbe058f5bcbaac2dd25bd988e7cb664f34ec60171978982479d526dc01c046fe16b7c44e61fc6277c58027817ba87fb26bd38f9
Static task: static1
Behavioral task: behavioral1
Sample: c84050d37aa53bcadb044ac745a47c47b568541b19305de99b7bf029fd2fc16b.exe
Resource: win7-20220414-en
Malware Config
Targets
Glupteba Payload
Suspicious use of NtCreateUserProcessOtherParentProcess
suricata: ET MALWARE Glupteba CnC Domain in DNS Lookup
Executes dropped EXE
Modifies Windows Firewall
Loads dropped DLL
Adds Run key to start application
Drops file in System32 directory