General
Target: 505ee63a06dd9e19f53361a76d44f67da6e47b2e85dca25eab46021ae9105bdc
Size: 3.8MB
Sample: 220524-1489ksdfgk
MD5: f3e9deb6281e64b2bd6781c0af13ef7e
SHA1: bea6d16b1d69e35f0816e6706b94b676da9cdc3b
SHA256: 505ee63a06dd9e19f53361a76d44f67da6e47b2e85dca25eab46021ae9105bdc
SHA512: f6b0ca4440def5f17c339c9d4095eaf7293d29daa84b3bce5cfba0ccb3287b1097df96136d92f9d09e1f49417765906d55b36ccef161ee52b36cfb2d7d34eaac
Static task: static1
Behavioral task: behavioral1
Sample: 505ee63a06dd9e19f53361a76d44f67da6e47b2e85dca25eab46021ae9105bdc.exe
Resource: win7-20220414-en
Malware Config
Targets
Glupteba Payload
Suspicious use of NtCreateUserProcessOtherParentProcess
Modifies Windows Firewall
Modifies boot configuration data using bcdedit