General
-
Target
6c209fc9200465c19a28dc2448ec9d99
-
Size
4.5MB
-
Sample
240121-c1kvtadabr
-
MD5
6c209fc9200465c19a28dc2448ec9d99
-
SHA1
d2883c3b72d2105da100550438b15a57f82fd0d1
-
SHA256
620337ee0b56a75b1d5af95aa8c659760d171c6857f9da443d3c4e2d5d3b2af5
-
SHA512
19ba79bbc14180794b07e7ad46a908f3529ec25ae0873835c0db9cf94384c8442435bf9f0ba2d17b1d40d95ccbb446a58969aee097553a593943dfd402df8580
-
SSDEEP
98304:8tnAeDfR9id+AcZqCKPvGwT7SJrqVtAKeXvQj3clop1SC:4AejR9id+4Pv96JrqtAKeXvY1p1SC
Static task
static1
Behavioral task
behavioral1
Sample
6c209fc9200465c19a28dc2448ec9d99.exe
Resource
win7-20231215-en
Malware Config
Extracted
metasploit
windows/single_exec
Targets
-
-
Target
6c209fc9200465c19a28dc2448ec9d99
-
Glupteba payload
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Modifies boot configuration data using bcdedit
-
Modifies Windows Firewall
-
Possible attempt to disable PatchGuard
Rootkits can use kernel patching to embed themselves in an operating system.
-