General
-
Target
11d28b80dcf21adb7cac256c04a9a835e07fafaa9b35ac11830a3a6eb6ad6a72
-
Size
3.8MB
-
Sample
220524-vajtyahhh4
-
MD5
b35892fb1d9735cf157789560a0de250
-
SHA1
32b5adf9366f9297e51617bb4a2b05a51ec548f0
-
SHA256
11d28b80dcf21adb7cac256c04a9a835e07fafaa9b35ac11830a3a6eb6ad6a72
-
SHA512
51551188a19777cf75ba54742d150fcb84b0fea38220d5e0683e349d3004f2aaf6b8cdc82b92175a46ffd302d6c68cfd7f1f8e7137b77f84f898bdb74de9e04e
Static task
static1
Behavioral task
behavioral1
Sample
11d28b80dcf21adb7cac256c04a9a835e07fafaa9b35ac11830a3a6eb6ad6a72.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
11d28b80dcf21adb7cac256c04a9a835e07fafaa9b35ac11830a3a6eb6ad6a72.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
Target
11d28b80dcf21adb7cac256c04a9a835e07fafaa9b35ac11830a3a6eb6ad6a72
-
Glupteba Payload
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Modifies boot configuration data using bcdedit
-
Drops file in System32 directory