General
-
Target
c5c7132b244286c520545fc60649e240b959c6be3e3d18feabd2c818bc7639a3
-
Size
3.8MB
-
Sample
220524-18pezadhck
-
MD5
4b2ced1ea5efc8fcd7048a39d305c089
-
SHA1
87c0dab8aa7c51f9f1e80a9958aa16ecf0f277d3
-
SHA256
c5c7132b244286c520545fc60649e240b959c6be3e3d18feabd2c818bc7639a3
-
SHA512
3f4c01bd5797e5e7383e15304d55d97d25fe5d50208cea5ca73013dc33a0946b975c6f57e2e9225f5563d1e7dbcee8fb826a01e5cba919f8c41a8be7614732ee
Static task
static1
Behavioral task
behavioral1
Sample
c5c7132b244286c520545fc60649e240b959c6be3e3d18feabd2c818bc7639a3.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
c5c7132b244286c520545fc60649e240b959c6be3e3d18feabd2c818bc7639a3.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
Glupteba Payload
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Modifies boot configuration data using bcdedit
-
Drops file in System32 directory
-