General
-
Target
61eb2106ec53d3d89973b46e60c9e527
-
Size
4.5MB
-
Sample
240117-gt4rkaafh2
-
MD5
61eb2106ec53d3d89973b46e60c9e527
-
SHA1
8ccc27b9674a52d870b6185cbb321191a089564a
-
SHA256
0c535fc0755f04c889292d4bcae072d090f67030cb7a369b6a2113bfc37e1697
-
SHA512
1b683bf490e6f003f2e07904eb813ae9528f3f26105b70a779b0bb97aa073bdf7b3c1522e529f5b7d81bf1ed514ed15813f5d527cd758e94414fc6aca3566463
-
SSDEEP
98304:rwJUj/cXGt2L8cUsaMVXZJowRFipdCyz9iv6itkCkrpEqkD19Ir2JAZP:WGT2hzXZeZz9iv6TJFhk4rk+P
Static task
static1
Behavioral task
behavioral1
Sample
61eb2106ec53d3d89973b46e60c9e527.exe
Resource
win7-20231215-en
Malware Config
Extracted
metasploit
windows/single_exec
Targets
-
Target
61eb2106ec53d3d89973b46e60c9e527
-
Glupteba payload
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Modifies boot configuration data using bcdedit
-
Modifies Windows Firewall
-
Possible attempt to disable PatchGuard
Rootkits can use kernel patching to embed themselves in an operating system.
-