General
-
Target
6f1f130741c10e884ac91387ba6f1671
-
Size
4.4MB
-
Sample
240122-jnxr6sbhg4
-
MD5
6f1f130741c10e884ac91387ba6f1671
-
SHA1
b4e14fc860ef82a4c2090949cd10402916320b99
-
SHA256
4dcc466c7b711acae584e6305f8b5d16f95b443cb719f00de89dfb6e5b32cf03
-
SHA512
f8c18b1dee51f03747d14b0d96e584eb50f51af4df20e70a35c4b8b9630b771b9465e8bedbfce431d296c5e4bef97668c70c233ad18e6fedbe3fa90ded2e948a
-
SSDEEP
98304:s4qEFg15nW5y1E5/VCPB7hW28XjbS/UvVw79jx7Q5vQ:Dcqy1E5/VCPthpUdg95iQ
Static task
static1
Behavioral task
behavioral1
Sample
6f1f130741c10e884ac91387ba6f1671.exe
Resource
win7-20231215-en
Malware Config
Extracted
metasploit
windows/single_exec
Targets
-
Target
6f1f130741c10e884ac91387ba6f1671
-
Glupteba payload
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Modifies boot configuration data using bcdedit
-
Modifies Windows Firewall
-
Possible attempt to disable PatchGuard
Rootkits can use kernel patching to embed themselves in an operating system.