General
Target: 866b289d0fb029630fd4921f209a3e0ac9c23eb49121a25fc775a7802f531b41
Size: 4.2MB
Sample: 240509-26c5lacd2x
MD5: d310b40f7a9d5559a9092300090d8a97
SHA1: 31dfc4532a1d0efcc9f366ef8230606ef5ae967e
SHA256: 866b289d0fb029630fd4921f209a3e0ac9c23eb49121a25fc775a7802f531b41
SHA512: 4739609ae31be7262dbf2ac630e9dcbbac03992fe8942848637747cb201c31b709fb784d48b6e8600221eaaa4afc488a967774abf761ddee6db52a1aac36720e
SSDEEP: 98304:fRKlniXA170C+4djdqtAMvusbk2giN5EhLM1AkvTlQa8hgf50tBT:f0Bia70C+4dsyMvVbvN5ApkxQDhg0/
Static task: static1
Behavioral task: behavioral1
Sample: 866b289d0fb029630fd4921f209a3e0ac9c23eb49121a25fc775a7802f531b41.exe
Resource: win7-20240221-en
Malware Config
Targets
Target: 866b289d0fb029630fd4921f209a3e0ac9c23eb49121a25fc775a7802f531b41
Size: 4.2MB
MD5: d310b40f7a9d5559a9092300090d8a97
SHA1: 31dfc4532a1d0efcc9f366ef8230606ef5ae967e
SHA256: 866b289d0fb029630fd4921f209a3e0ac9c23eb49121a25fc775a7802f531b41
SHA512: 4739609ae31be7262dbf2ac630e9dcbbac03992fe8942848637747cb201c31b709fb784d48b6e8600221eaaa4afc488a967774abf761ddee6db52a1aac36720e
SSDEEP: 98304:fRKlniXA170C+4djdqtAMvusbk2giN5EhLM1AkvTlQa8hgf50tBT:f0Bia70C+4dsyMvVbvN5ApkxQDhg0/
- Glupteba payload
- Modifies boot configuration data using bcdedit
- Modifies Windows Firewall
- Possible attempt to disable PatchGuard: rootkits can use kernel patching to embed themselves in the operating system. PatchGuard (Kernel Patch Protection) is the Windows mechanism that blocks such patching on 64-bit systems, so tampering with it, or with the boot settings that enforce driver signing, is a strong rootkit indicator.
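An added triage helper, not part of the sandbox report: it scans process-creation records (image path, command line, image hash) for the behaviours the signatures above name, namely bcdedit changes that weaken boot integrity, Windows Firewall changes made through netsh or reg.exe, and a process whose image hash equals the sample's SHA256. The only value taken from the report is that SHA256. The event records are constructed, the mapping of command-line patterns to the report's signature labels is this example's assumption rather than the sandbox's rule definitions, and the list of bcdedit settings treated as boot-integrity weakening is likewise assumed.

```python
"""Scan process-creation events for the behaviours named by the report's signatures.

Added example; the events below are constructed, not the sandbox's recorded behaviour.
"""
import shlex
from dataclasses import dataclass

# The only identifier taken from the report: the sample's SHA256.
SAMPLE_SHA256 = "866b289d0fb029630fd4921f209a3e0ac9c23eb49121a25fc775a7802f531b41"

# Report signature names reused as labels; the command-line patterns mapped to
# them below are this example's assumption, not the sandbox's rule definitions.
SIG_SAMPLE = "Matches report sample SHA256"
SIG_BCDEDIT = "Modifies boot configuration data using bcdedit"
SIG_PATCHGUARD = "Possible attempt to disable PatchGuard"
SIG_FIREWALL = "Modifies Windows Firewall"

# bcdedit settings that let unsigned code load at boot or hide boot failures:
# the usual groundwork for a kernel-mode rootkit (assumed list).
BCDEDIT_RISKY = {
    "testsigning": {"on"},
    "nointegritychecks": {"on"},
    "bootstatuspolicy": {"ignoreallfailures"},
    "recoveryenabled": {"no", "off"},
}
BCDEDIT_WRITE_VERBS = {"/set", "/deletevalue", "/copy", "/import", "/bootsequence", "/default"}
FIREWALL_REG_PATH = r"\sharedaccess\parameters\firewallpolicy"


@dataclass
class ProcEvent:
    """Minimal process-creation record, e.g. the fields of a Sysmon event ID 1."""
    image: str
    cmdline: str
    sha256: str = ""


def _tokens(cmdline: str) -> list[str]:
    # Windows command lines are not POSIX: posix=False keeps backslashes literal
    # and leaves quotes on the token, so strip them, then lower-case for matching.
    return [t.strip('"').lower() for t in shlex.split(cmdline, posix=False)]


def classify(ev: ProcEvent) -> list[str]:
    """Return the signature labels this single event triggers, in a fixed order."""
    hits: list[str] = []
    if ev.sha256.lower() == SAMPLE_SHA256:
        hits.append(SIG_SAMPLE)
    toks = _tokens(ev.cmdline)
    if not toks:
        return hits
    exe = toks[0].rsplit("\\", 1)[-1].removesuffix(".exe")
    args = toks[1:]

    if exe == "bcdedit":
        if any(a in BCDEDIT_WRITE_VERBS for a in args):
            hits.append(SIG_BCDEDIT)
        # Walk (setting, value) pairs; 'loadoptions DISABLE_INTEGRITY_CHECKS' is
        # the older spelling of the same integrity bypass.
        for i, a in enumerate(args[:-1]):
            value = args[i + 1]
            if value in BCDEDIT_RISKY.get(a, ()) or (
                a == "loadoptions" and "disable_integrity_checks" in value
            ):
                hits.append(SIG_PATCHGUARD)
                break

    elif exe == "netsh":
        # Both the modern 'advfirewall' and the legacy 'firewall' context count;
        # 'show'/'dump' are read-only and are ignored.
        if ("advfirewall" in args or "firewall" in args) and any(
            a in ("set", "add", "delete", "reset", "import") for a in args
        ):
            hits.append(SIG_FIREWALL)

    elif exe == "reg" and args[:1] == ["add"]:
        # Direct writes under the FirewallPolicy key bypass netsh entirely.
        if any(FIREWALL_REG_PATH in a for a in args[1:]):
            hits.append(SIG_FIREWALL)
    return hits


def scan(events: list[ProcEvent]) -> dict[str, list[int]]:
    """Map each triggered signature label to the indices of the events that fired it."""
    report: dict[str, list[int]] = {}
    for idx, ev in enumerate(events):
        for label in classify(ev):
            report.setdefault(label, []).append(idx)
    return report


# Constructed events: a plausible sequence, NOT the sandbox's recorded behaviour.
SAMPLE_EVENTS = [
    ProcEvent(r"C:\Users\user\Desktop\sample.exe",
              r'"C:\Users\user\Desktop\sample.exe"', SAMPLE_SHA256),
    ProcEvent(r"C:\Windows\System32\bcdedit.exe", "bcdedit /set {default} testsigning on"),
    ProcEvent(r"C:\Windows\System32\bcdedit.exe", "bcdedit /set {default} nointegritychecks on"),
    ProcEvent(r"C:\Windows\System32\bcdedit.exe", "bcdedit /enum"),  # read-only, no hit
    ProcEvent(r"C:\Windows\System32\netsh.exe", "netsh advfirewall set allprofiles state off"),
    ProcEvent(r"C:\Windows\System32\netsh.exe", "netsh advfirewall show allprofiles"),  # no hit
    ProcEvent(r"C:\Windows\System32\reg.exe",
              r'reg add "HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters'
              r'\FirewallPolicy\StandardProfile" /v EnableFirewall /t REG_DWORD /d 0 /f'),
]

if __name__ == "__main__":
    for label, idxs in scan(SAMPLE_EVENTS).items():
        print(f"{label}: events {idxs}")
```

Run against a real export, feed `ProcEvent` records built from Sysmon event ID 1 (Image, CommandLine, Hashes) or the sandbox's own process list; the read-only commands in the constructed set (`bcdedit /enum`, `netsh ... show`) are there to show that the check keys on write verbs, not on the mere presence of the tool.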