General
-
Target
6fd9d52463f7b9444ae84fccccc96a3b
-
Size
4.4MB
-
Sample
240122-vpvjzsahem
-
MD5
6fd9d52463f7b9444ae84fccccc96a3b
-
SHA1
d4fc7b50057f1e4df7527df00cde8a4b7556498d
-
SHA256
7bec73f4ea2b19439f13212e476245d88a0cf3da3a90cb27d684614e0a5affef
-
SHA512
f166b7030e21f2ca4db3c8d6fd030eb9ea85a9e9591a75fc1a22302cad87e2cc6c7880b0af19f1b292d157623f878f98af11283ec9a33d3d77ac517dd4f1e5e2
-
SSDEEP
98304:pYjdJmh/+mi/Tlmp1pU7mGMDLGUvlm96nZnEV0nhktE22YRzwbW/z6RtwJ:47mhWmuwp1wMDyl6ZnEOhktEKRzr+/wJ
Static task
static1
Behavioral task
behavioral1
Sample
6fd9d52463f7b9444ae84fccccc96a3b.exe
Resource
win7-20231215-en
Malware Config
Extracted
metasploit
windows/single_exec
Targets
Glupteba payload
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Modifies boot configuration data using bcdedit
-
Modifies Windows Firewall
-
Possible attempt to disable PatchGuard
Rootkits can use kernel patching to embed themselves in an operating system.
-