General
-
Target
ef8c7f72e23cc6e38068566ca80bd2d395266e26c263551988d9c920b1d04845
-
Size
624KB
-
Sample
221125-2gnvsseg3x
-
MD5
c3201abf7146ab685f4ecb118036f020
-
SHA1
a0d0341530fede0c3e25d4bb050ceca72cf836f8
-
SHA256
ef8c7f72e23cc6e38068566ca80bd2d395266e26c263551988d9c920b1d04845
-
SHA512
40e8479c251355db393da589b6b306d690e02629391ff84747d38f4fc465cb2207f4fe6bfff872f67f86fac0e7fe6b6273a1bd5bc6bf1db30e0ba2ee6cbd0461
-
SSDEEP
12288:JPHtLcahfnqx6P3zal/J7ZSIVvY44/N7gkW74/msTIlTL:JPHtBYUzawIVvYddI4us
Behavioral task
behavioral1
Sample
ef8c7f72e23cc6e38068566ca80bd2d395266e26c263551988d9c920b1d04845.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
ef8c7f72e23cc6e38068566ca80bd2d395266e26c263551988d9c920b1d04845.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
ef8c7f72e23cc6e38068566ca80bd2d395266e26c263551988d9c920b1d04845
-
Size
624KB
-
MD5
c3201abf7146ab685f4ecb118036f020
-
SHA1
a0d0341530fede0c3e25d4bb050ceca72cf836f8
-
SHA256
ef8c7f72e23cc6e38068566ca80bd2d395266e26c263551988d9c920b1d04845
-
SHA512
40e8479c251355db393da589b6b306d690e02629391ff84747d38f4fc465cb2207f4fe6bfff872f67f86fac0e7fe6b6273a1bd5bc6bf1db30e0ba2ee6cbd0461
-
SSDEEP
12288:JPHtLcahfnqx6P3zal/J7ZSIVvY44/N7gkW74/msTIlTL:JPHtBYUzawIVvYddI4us
Score6/10-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of SetThreadContext
-