General
-
Target
d03f2f96a76bc7591fd74db7d1a7f05e1eedef298297b905b8ef2ac5438fe3a7
-
Size
1.6MB
-
Sample
220524-1hn2hsghg9
-
MD5
c5d3c73298a153b63daa3dd8760753a6
-
SHA1
a81ceff892ae74654f7071c520b799d1c92ccc59
-
SHA256
d03f2f96a76bc7591fd74db7d1a7f05e1eedef298297b905b8ef2ac5438fe3a7
-
SHA512
58aa34944d5c259861dcd6e8abccbcfff6f1796580d0f465acd5da28dd8ca30c61ccf37bc321198c8f16f98a6b67a2e3cd202be231113d50d0262653f7ecfb3f
Static task
static1
Behavioral task
behavioral1
Sample
d03f2f96a76bc7591fd74db7d1a7f05e1eedef298297b905b8ef2ac5438fe3a7.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
d03f2f96a76bc7591fd74db7d1a7f05e1eedef298297b905b8ef2ac5438fe3a7.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
d03f2f96a76bc7591fd74db7d1a7f05e1eedef298297b905b8ef2ac5438fe3a7
Score
10/10
-
suricata: ET MALWARE Possible Windows executable sent when remote host claims to send a Text File
-
Downloads MZ/PE file
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-