General
Target: 7229ea1ca5a1428a3b0ff558f4fef2177022b062cb5238aa0b32c3b32e726d98
Size: 519KB
Sample: 221125-1mappaha54
MD5: 2604cfd761ed4cfb64e1e9b593caba9c
SHA1: 93866e9fe3aa33cd6d6c9d766798d164af602c28
SHA256: 7229ea1ca5a1428a3b0ff558f4fef2177022b062cb5238aa0b32c3b32e726d98
SHA512: 957a8166ee05576267f2f8563ca39a6ca6c0d5315609e396f6ddd2fd1ee66b380de5c88e3f552dbfef7aed5dbd0d67432db54c1b69be56a8c9dde25b189dab51
SSDEEP: 12288:pJmYRm16gzMfNbmPOJvGGXr8zOYbZLvJOnFfeYlY2X:g6kMFSPYvVXryLvIntllTX
Static task: static1
Behavioral task: behavioral1
Sample: stonepollp33_zh.exe
Resource: win7-20221111-en
Malware Config
Targets
Target: stonepollp33_zh.exe
Size: 1.2MB
MD5: b777e98358e8c711ab550a97bd99602a
SHA1: 2855cfefd2f8927ea8b28507db3b48bf89b10f32
SHA256: 2708b957f15c6c7e2a2107f9a6c0d5faecd4512b5dca7f2569e2abb1115f107a
SHA512: a11f32277f562678abb4c40fe3a06559eb525da5ba31f6e0c30a840691b4cd4a4f06eb6a67ff252aebde29c391f6016b95707d0fc44af5cb0d636cb2c6773758
SSDEEP: 24576:SCkHLS1NZmEe4E+6ssLCXMVGVF3kNXbpmgc5G3M:SCLeTAXSWF3kNXggc57

Detect Blackmoon payload

ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.

Loads dropped DLL

Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.