General
-
Target
dd63745d035a31e8ff92c9879560cd131f5eb809ff8bcaf4d52342d5ad7168b7
-
Size
1.1MB
-
Sample
221002-2vgnmsfehr
-
MD5
63262d885b2d4bfd0418721df73dbb30
-
SHA1
55025d3677a63e50000e3ffbb98bfabf8c73b4ba
-
SHA256
dd63745d035a31e8ff92c9879560cd131f5eb809ff8bcaf4d52342d5ad7168b7
-
SHA512
2d43c3bb56102ebd07563d14b6c41f9101585e7519b190fe5ef50e9c7571fc56f7e3e43d77958ad944eb976976976406f71df6abf4165a039117c4db0e0c9293
-
SSDEEP
24576:ujmzp9dKb9R3n9Owg+3P5WV3CVZ9glt6Uqk5Dyw+m4eFAUWss0l:ujmVTSy+3PcV3K9qt6NkWJeFA3sh
Static task
static1
Behavioral task
behavioral1
Sample
dd63745d035a31e8ff92c9879560cd131f5eb809ff8bcaf4d52342d5ad7168b7.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
dd63745d035a31e8ff92c9879560cd131f5eb809ff8bcaf4d52342d5ad7168b7.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
dd63745d035a31e8ff92c9879560cd131f5eb809ff8bcaf4d52342d5ad7168b7
-
Size
1.1MB
-
MD5
63262d885b2d4bfd0418721df73dbb30
-
SHA1
55025d3677a63e50000e3ffbb98bfabf8c73b4ba
-
SHA256
dd63745d035a31e8ff92c9879560cd131f5eb809ff8bcaf4d52342d5ad7168b7
-
SHA512
2d43c3bb56102ebd07563d14b6c41f9101585e7519b190fe5ef50e9c7571fc56f7e3e43d77958ad944eb976976976406f71df6abf4165a039117c4db0e0c9293
-
SSDEEP
24576:ujmzp9dKb9R3n9Owg+3P5WV3CVZ9glt6Uqk5Dyw+m4eFAUWss0l:ujmVTSy+3PcV3K9qt6NkWJeFA3sh
Score8/10-
Executes dropped EXE
-
Sets service image path in registry
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Drops file in System32 directory
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-