General
Target: a14848d5d7118fc5e265d956ac857703bb433b5b9b5029ae9ec38ab10d3b9e3c
Size: 2.1MB
Sample: 221002-zfgnzshhe7
MD5: 6b8f922e24b6953f1646942d1fbb5493
SHA1: 863747f5c00f71635ba9bc7ca7ed158e98852c6f
SHA256: a14848d5d7118fc5e265d956ac857703bb433b5b9b5029ae9ec38ab10d3b9e3c
SHA512: 8e6991fce2939e1745d1d1dec8a0ef793706c22c4135c388a0662fd4f4355afa00ecd590b83e51a50ef295cf2536a9a3d060868de13496971e42ec33929c3028
SSDEEP: 49152:Zl8V/HfDl3v33vqkWo2+rZra+hciZvCOhRv:ZqZ/ZfnvZWo/5hciZvCO7v
Behavioral task: behavioral1
Sample: a14848d5d7118fc5e265d956ac857703bb433b5b9b5029ae9ec38ab10d3b9e3c.dll
Resource: win7-20220812-en
Malware Config
Targets
Target: a14848d5d7118fc5e265d956ac857703bb433b5b9b5029ae9ec38ab10d3b9e3c
-
Detect Blackmoon payload
-
Blocklisted process makes network request
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-