General
-
Target
6da0370835d68a8974fcb588fecb3fbf
-
Size
4.4MB
-
Sample
240121-v74klsfgd9
-
MD5
6da0370835d68a8974fcb588fecb3fbf
-
SHA1
6c791854b7146f5ef9f34b7c33e78242ca575e8c
-
SHA256
fcbfc875faa86d1db822019f11632e5609462177b12a4f0083f3f0f88093e2f7
-
SHA512
9212208b0c5deeb3484f702182a2a3baf8c788380c6314af97db1e60455fd8c2e53a94f7fad849791c2d50b1db167e61a1c548893c459172f6b6f58c4954b5ed
-
SSDEEP
98304:pP68pQVjSwUHjLEvtVWkxOONscVqC/lgDtSN8xjwDpBITS:p68+VGhc1dxOOzwtS+jiTITS
Static task
static1
Behavioral task
behavioral1
Sample
6da0370835d68a8974fcb588fecb3fbf.exe
Resource
win7-20231129-en
Malware Config
Extracted
metasploit
windows/single_exec
Targets
-
-
Target
6da0370835d68a8974fcb588fecb3fbf
-
Glupteba payload
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Modifies boot configuration data using bcdedit
-
Modifies Windows Firewall
-
Possible attempt to disable PatchGuard
Rootkits can use kernel patching to embed themselves in an operating system.
-