General
Target: b699758c2e191f32a8a9d9c7b7bc1e66b8fd0644f6181ddb3339639edc38d56f
Size: 32KB
Sample: 220725-b252pshfdq
MD5: 56ccbdaa85437657712c855c86d918ee
SHA1: d6c2f3b4c6e91646e14069ace6709ef26bd7cd94
SHA256: b699758c2e191f32a8a9d9c7b7bc1e66b8fd0644f6181ddb3339639edc38d56f
SHA512: 1b73e000452e4f13df27d65c66b25d6a474644bce2c533f08245c04ca5152d51285730e14b423d07ef7aa17ae2aa9be8be5aeab77df0876c4471c57e49e1fc2a
Static task: static1
Behavioral task: behavioral1
  Sample: b699758c2e191f32a8a9d9c7b7bc1e66b8fd0644f6181ddb3339639edc38d56f.exe
  Resource: win7-20220718-en
Behavioral task: behavioral2
  Sample: b699758c2e191f32a8a9d9c7b7bc1e66b8fd0644f6181ddb3339639edc38d56f.exe
  Resource: win10v2004-20220721-en
Malware Config
Targets
Score: 10/10
suricata: ET MALWARE Possible Variant.Kazy.53640 Malformed Client Hello SSL 3.0 (Cipher_Suite length greater than Client_Hello Length)
- Executes dropped EXE
- Adds Run key to start application
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
- Drops file in System32 directory
- Suspicious use of SetThreadContext