General
Target: 6514fd791cd14c3c2b0a3facae27cb906bdbe885091d4cc46b79b13fa2122c29
Size: 532KB
Sample: 220514-xdr1tsbbe3
MD5: e6b5174b1643e54dec66aaed271270ad
SHA1: 0637e099726b60f3f81bd71ab986aea4d9a2eaf1
SHA256: 6514fd791cd14c3c2b0a3facae27cb906bdbe885091d4cc46b79b13fa2122c29
SHA512: 741e3601afb085ddccbe6f34a63eb5bd3bccc94ad9445d06358c8cf23d8c0bab4dde83298c3bf78f4b89dfd95767266447b8c60224af4ae818ee6c6d57b20fc8
Static task
static1
Malware Config
Targets
- Registers COM server for autorun
- Downloads MZ/PE file
- Executes dropped EXE
- Sets file execution options in registry
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
- Drops file in System32 directory