General
Target: tmp
Size: 4.4MB
Sample: 220521-rh63nacghp
MD5: da9219017688631cd6e317e510e3c512
SHA1: 951c49ad80fc1e44ba14ec4885f5457d0954c41c
SHA256: 26fd0979259f26a0f0d3480f9f41b06cf9b2b95b4a5ebbcf678bbb461d0876ef
SHA512: 8fb8207147b335d54cd95f9c91525d11b2e9e54b0000f32807e71e350e084bc9baf16a0fe44d04c33fefa976a7271ef17d16c5de968521cf91161c1a446f2f26
Static task: static1
Behavioral task: behavioral1
Sample: tmp.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: tmp.exe
Resource: win10v2004-20220414-en
Malware Config
Targets
Score 8/10
Executes dropped EXE
Loads dropped DLL
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.