General
-
Target
6110fff21664cb4fb631bc47f7c6bf3c
-
Size
4.4MB
-
Sample
240116-2n7aqadab4
-
MD5
6110fff21664cb4fb631bc47f7c6bf3c
-
SHA1
16cd13a74f79b105214b15b51d8fd7250066df36
-
SHA256
0eff720bbecc3901edcfa6a216d66e078e7a7c813efba5cfcf6edd6abf4deee8
-
SHA512
9a2c519d2c805a9da09d7245384576aaa1735617e12a2d27e612e7ac941f1c0e581070bce148a6a422825f60c65a0c602cdd9ea584060b21b20babdd31911759
-
SSDEEP
98304:ki5npJADMupCYbQRYWGC2Unq55n3FtFqGCZBmfljAxJXl2l6U1is4Yu:FyMupCYc2fbVtNemtjAxJXNU1iz
Static task
static1
Behavioral task
behavioral1
Sample
6110fff21664cb4fb631bc47f7c6bf3c.exe
Resource
win7-20231215-en
Malware Config
Extracted
metasploit
windows/single_exec
Targets
-
-
Target
6110fff21664cb4fb631bc47f7c6bf3c
Glupteba payload
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Modifies boot configuration data using bcdedit
-
Modifies Windows Firewall
-
Possible attempt to disable PatchGuard
Rootkits can use kernel patching to embed themselves in an operating system.
-