General
-
Target
e50ae8546b20ab54156c42999d8cff5276bcc6e35db76cce24adda169a938e82
-
Size
3.8MB
-
Sample
220524-2n1g6seeck
-
MD5
54162376b3882db5e31351160e443a28
-
SHA1
b3810b56c29deb9c55f26a2e1176da759801a59d
-
SHA256
e50ae8546b20ab54156c42999d8cff5276bcc6e35db76cce24adda169a938e82
-
SHA512
86db4339a8f864bb5c30aa6b6318cb2dfd0a4ae40c8f7a4708a0d7cbff35009bda91655ed118d580ce2ddda6a18069dbe78daaedf67d73795524848a4e69e2ed
Static task
static1
Behavioral task
behavioral1
Sample
e50ae8546b20ab54156c42999d8cff5276bcc6e35db76cce24adda169a938e82.exe
Resource
win7-20220414-en
Malware Config
Targets
-
-
Target
e50ae8546b20ab54156c42999d8cff5276bcc6e35db76cce24adda169a938e82
-
Glupteba Payload
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Modifies Windows Firewall
-
Modifies boot configuration data using bcdedit
-