General
Target
491ebb5503b8c775001c514f3e07a368cb59c8955262e7423f1347bc836414c7
Size
3.8MB
Sample
220524-yh6kfsbaaq
MD5
9123f319c3564a94e30c1d9476ae299d
SHA1
29297f78a72d860abe5aa31999d36a8dfe7324bc
SHA256
491ebb5503b8c775001c514f3e07a368cb59c8955262e7423f1347bc836414c7
SHA512
159ce7aaf5cd7ddf6da8d5c206867463fb4cca059ea1463f932183d7070bf23a60afee9390716ed1af788d1b0c7465ad5d4fad8dd59a688d98b9b5975deac557
Static task
static1
Behavioral task
behavioral1
Sample
491ebb5503b8c775001c514f3e07a368cb59c8955262e7423f1347bc836414c7.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
491ebb5503b8c775001c514f3e07a368cb59c8955262e7423f1347bc836414c7.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
Glupteba Payload
Suspicious use of NtCreateUserProcessOtherParentProcess
Executes dropped EXE
Modifies Windows Firewall
Loads dropped DLL
Adds Run key to start application