General
-
Target
tmp
-
Size
4.4MB
-
Sample
220521-rmz5xahfb9
-
MD5
5c32a7b913fdf22a2f3d81f7b5234bf6
-
SHA1
de8c6c01fb843dd56f5d57f8537fa26ecb8f281a
-
SHA256
d804e36628f5760ecbf0b3559a540d0d65e482094595b6917b51b8c93a1034f6
-
SHA512
2f350548a3ffcc9c20d008467aaf8f424e198ede49e0f556ec676175f437f2d764b0799686ce4bfe966906b2036bb0efd37e583531022ad0889a1128401abefe
Static task
static1
Behavioral task
behavioral1
Sample
tmp.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
tmp.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
tmp
-
Score
8/10
-
Executes dropped EXE
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-