General
Target: DiskGenius.exe.7z
Size: 17.1MB
Sample: 221003-jzwn9aedd9
MD5: 91601ccf1c206f1d87b7158f4ca30bd5
SHA1: ce426f9673fee3bd285e2f8883494dc67d17fc05
SHA256: 4e1848f1f0cb0e785b8a834051a2d97e81e7bf287a532c73c6118da43ba46f2b
SHA512: 8a9a2f892e11d014d18fa1a799f0a26c8410df046609525e06304dacf1679de7584def657f2cb6323165e8dcdddb1ca63a98b02912dec2b68fc14277bc8866a2
SSDEEP: 393216:p5BIfMAgbmsgVjiQWTQvYClni89hIDz84fqH9XxZLNR:pEfMDbFMYYniCiM4fqHh
Static task: static1
Behavioral task: behavioral1
Sample: DiskGenius.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: DiskGenius.exe
Resource: win10v2004-20220812-en
Malware Config
Targets
Target: DiskGenius.exe
Size: 27.0MB
MD5: a20ee95a97f752220dedbc6ecbe440e7
SHA1: 221a00d0fff19b8ba17a38b14684ca3c5c0ff49b
SHA256: 47b03540bedfa374a38d1aa9276a1e2e6201d1149e488614e700ce7df67c7279
SHA512: b56710d898d1e8eda12114581cce2008b183e40f875dddc43a63e4b1f8c9153ef66436e2d1f8cb3546f4ff04a615f911e922ab63af02b87f448a5611e7cad0ab
SSDEEP: 786432:dVgPf4MiH1bhA0hccZmtT7LVvVjiWKv9nOxrmU32n/uSaQoy0urpRvpSkhASjIT:XgX4nVhccZ6bx09nOxrmU32n/uSaQoya
Score: 6/10
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
Suspicious use of NtSetInformationThreadHideFromDebugger