General
Target: 386c8f77a22601e485d45d310278ba5e73bd27ea0e9d9298387e7e326e271b66
Size: 479KB
Sample: 221125-c98cgafd66
MD5: a3bada2dbbf2eafaf7a09c280341de26
SHA1: 0d4a73112c519ac6d5b63e9eddd8d3bc045e7b18
SHA256: 386c8f77a22601e485d45d310278ba5e73bd27ea0e9d9298387e7e326e271b66
SHA512: ceb0d0778497927d534e0ec8152165cd7e7e76c9ea53e7a3b7b763baa3003cef2e032a89a4989358ae8abda55a09c90d536254f9b179524b8ed472a6065118bd
SSDEEP: 12288:MyBZUZO1TyPgqOy6AJmkBFEbGaz1Thf/:MyBZeONyoqd6AJFuz1
Static task: static1
Behavioral task: behavioral1
Sample: 386c8f77a22601e485d45d310278ba5e73bd27ea0e9d9298387e7e326e271b66.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 386c8f77a22601e485d45d310278ba5e73bd27ea0e9d9298387e7e326e271b66.exe
Resource: win10v2004-20221111-en
Malware Config
Targets
Target: 386c8f77a22601e485d45d310278ba5e73bd27ea0e9d9298387e7e326e271b66
Score: 10/10
- Adds Run key to start application
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
- Suspicious use of SetThreadContext