General
-
Target
7474861a84b08d8a11092a12900011e9eefb8aa617b275a420289503d8ceaa39
-
Size
1.4MB
-
Sample
221124-fv871abc62
-
MD5
b3b58316d04d7c947d1041c1268c150d
-
SHA1
9f21e538b2a00aff4ed87ffbaf23da8285b3456f
-
SHA256
7474861a84b08d8a11092a12900011e9eefb8aa617b275a420289503d8ceaa39
-
SHA512
7efb64792ecfdcc8d5ecd1c76e261b3e03f86aa4f8a4a8a02ebca9356d3a9d903a550079cdfaff10af8ba5c2267f1069ce0521c0ed5ec9861a9bb4943d4760ec
-
SSDEEP
24576:7wgANAvijIgVsRYO6rw2yKidN0dnG2SUYPudf3i3j1ji:PIQijIgCRYVrw9HdNWVpGuE3j1ji
Static task
static1
Behavioral task
behavioral1
Sample
7474861a84b08d8a11092a12900011e9eefb8aa617b275a420289503d8ceaa39.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
7474861a84b08d8a11092a12900011e9eefb8aa617b275a420289503d8ceaa39.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
7474861a84b08d8a11092a12900011e9eefb8aa617b275a420289503d8ceaa39
-
Size
1.4MB
-
MD5
b3b58316d04d7c947d1041c1268c150d
-
SHA1
9f21e538b2a00aff4ed87ffbaf23da8285b3456f
-
SHA256
7474861a84b08d8a11092a12900011e9eefb8aa617b275a420289503d8ceaa39
-
SHA512
7efb64792ecfdcc8d5ecd1c76e261b3e03f86aa4f8a4a8a02ebca9356d3a9d903a550079cdfaff10af8ba5c2267f1069ce0521c0ed5ec9861a9bb4943d4760ec
-
SSDEEP
24576:7wgANAvijIgVsRYO6rw2yKidN0dnG2SUYPudf3i3j1ji:PIQijIgCRYVrw9HdNWVpGuE3j1ji
Score7/10-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-