General
Target: 86e18b9384f0770bd1581107c17024a6152e671c8b50978cf3b9b91220fe3ed0
Size: 3.7MB
Sample: 220725-cvb1qabacq
MD5: 25352270e16b2f8edf0465daedb85e20
SHA1: f180c2435917cf8f8ce7f1f00df9342c8eaa19d8
SHA256: 86e18b9384f0770bd1581107c17024a6152e671c8b50978cf3b9b91220fe3ed0
SHA512: 3a62ca288a9665b888ce3e5a5b3e69e48f884f644acc7fc6c6f303c69e11983c70f8f789bd98c86805a9e199656c03a457132154c6f42ffdfb295918a8684091
Static task: static1
Behavioral task: behavioral1
Sample: 86e18b9384f0770bd1581107c17024a6152e671c8b50978cf3b9b91220fe3ed0.exe
Resource: win7-20220715-en
Malware Config
Targets
Target: 86e18b9384f0770bd1581107c17024a6152e671c8b50978cf3b9b91220fe3ed0
Glupteba payload
Suspicious use of NtCreateUserProcessOtherParentProcess
suricata: ET MALWARE Glupteba CnC Domain in DNS Lookup
Executes dropped EXE
Modifies Windows Firewall
Loads dropped DLL
Adds Run key to start application
Drops file in System32 directory