General
-
Target
61e679642117f756b214609fd9c9c408
-
Size
4.5MB
-
Sample
240117-gmv6vahfgq
-
MD5
61e679642117f756b214609fd9c9c408
-
SHA1
f7dc6fe52ccbf3baf947e10a820f5a6d0feadf9a
-
SHA256
a21f51cbbb95973a2273dcf90b56004cf97eaffb093012ef1b61b64b214189e8
-
SHA512
5138f537b723a0bd2abd436c4351a99f45b7e0fc080b5c59c01f01dc9897ab62edecf260fa0ba0fb38ff6504fb6d0ad7064b1ab0b6dc18b550b01c61f0d9b613
-
SSDEEP
98304:xa4qqEJg2m6wCuKWqTx5+L2kPuV/Yy2lHJNI/Uw/bpehymCT6Di0:kq6g2m6wCp9QCUXqMw/yhCUD
Static task
static1
Behavioral task
behavioral1
Sample
61e679642117f756b214609fd9c9c408.exe
Resource
win7-20231215-en
Malware Config
Extracted
metasploit
windows/single_exec
Targets
-
-
Target
61e679642117f756b214609fd9c9c408
-
Size
4.5MB
-
MD5
61e679642117f756b214609fd9c9c408
-
SHA1
f7dc6fe52ccbf3baf947e10a820f5a6d0feadf9a
-
SHA256
a21f51cbbb95973a2273dcf90b56004cf97eaffb093012ef1b61b64b214189e8
-
SHA512
5138f537b723a0bd2abd436c4351a99f45b7e0fc080b5c59c01f01dc9897ab62edecf260fa0ba0fb38ff6504fb6d0ad7064b1ab0b6dc18b550b01c61f0d9b613
-
SSDEEP
98304:xa4qqEJg2m6wCuKWqTx5+L2kPuV/Yy2lHJNI/Uw/bpehymCT6Di0:kq6g2m6wCp9QCUXqMw/yhCUD
-
Glupteba payload
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Modifies boot configuration data using bcdedit
-
Modifies Windows Firewall
-
Possible attempt to disable PatchGuard
Rootkits can use kernel patching to embed themselves in an operating system.
-