General
- Target: 3b5645af7ed7d40f0770546add16b42cd4462f8818a18f88a5e17974a8fba083
- Size: 4.2MB
- Sample: 240509-2sj1zsee46
- MD5: 1acf9847e01d84173bff136c1ac3caf5
- SHA1: f17521b6b835b5df56d2290c98aeb33d0dd601f1
- SHA256: 3b5645af7ed7d40f0770546add16b42cd4462f8818a18f88a5e17974a8fba083
- SHA512: 50f52a3fe7916e207b432f34175c3081bfd25720477c3850f63fbba86380bbc6a17c050e84c98ebe089f8bbb0073071f9a5c1a2c26489d13064ebff932085d30
- SSDEEP: 98304:SYYiaFq+ieS5FN6Ok4KsxnWuFa9Ky4Bnrz9CeP/hqGF:SYNWaN6/4KsbUUweIGF
Static task: static1

Behavioral task: behavioral1
- Sample: 3b5645af7ed7d40f0770546add16b42cd4462f8818a18f88a5e17974a8fba083.exe
- Resource: win7-20240221-en

Malware Config
Targets
- Target: 3b5645af7ed7d40f0770546add16b42cd4462f8818a18f88a5e17974a8fba083
- Size: 4.2MB
- MD5: 1acf9847e01d84173bff136c1ac3caf5
- SHA1: f17521b6b835b5df56d2290c98aeb33d0dd601f1
- SHA256: 3b5645af7ed7d40f0770546add16b42cd4462f8818a18f88a5e17974a8fba083
- SHA512: 50f52a3fe7916e207b432f34175c3081bfd25720477c3850f63fbba86380bbc6a17c050e84c98ebe089f8bbb0073071f9a5c1a2c26489d13064ebff932085d30
- SSDEEP: 98304:SYYiaFq+ieS5FN6Ok4KsxnWuFa9Ky4Bnrz9CeP/hqGF:SYNWaN6/4KsbUUweIGF

Signatures
- Glupteba payload
- Modifies boot configuration data using bcdedit
- Modifies Windows Firewall
- Possible attempt to disable PatchGuard: rootkits can use kernel patching to embed themselves in an operating system.