General
Target: bc77caa3e01cbc4d7531395b4952118141c3c153c5f485938ca8d887e35f5925
Size: 3.8MB
Sample: 220524-1hkdbsghg7
MD5: 5878137f1eb2f202c06e50c62b22f01d
SHA1: 49ec2f567d452ab530b44f2c0c85330f51d5508b
SHA256: bc77caa3e01cbc4d7531395b4952118141c3c153c5f485938ca8d887e35f5925
SHA512: 4e6fdae5f5dcc59a218cf889c170fcb3ed0728f02d9537fdcb782f9240a6870d30fff4d5e45cef94d4ddeb08ef3973ba4177d368b4083c1ed43c5e6db3283a01
Static task: static1
Behavioral task: behavioral1
Sample: bc77caa3e01cbc4d7531395b4952118141c3c153c5f485938ca8d887e35f5925.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: bc77caa3e01cbc4d7531395b4952118141c3c153c5f485938ca8d887e35f5925.exe
Resource: win10v2004-20220414-en
Malware Config
Targets
Target: bc77caa3e01cbc4d7531395b4952118141c3c153c5f485938ca8d887e35f5925
Glupteba Payload
Suspicious use of NtCreateUserProcessOtherParentProcess
Modifies Windows Firewall
Modifies boot configuration data using bcdedit