General
Target: 5e1e21f19f72bc4d092c5e1bbaf60f143193c8230a894a70b1e15e6fcc5c55e9
Size: 2.5MB
Sample: 221125-lfvzqagb22
MD5: 8e5a651d0b0c4088a4e34ac9091c05d7
SHA1: 6033b7c8fb7ebd6176a98d09cd2ee0afa1fe5cb7
SHA256: 5e1e21f19f72bc4d092c5e1bbaf60f143193c8230a894a70b1e15e6fcc5c55e9
SHA512: a47599c15ce45a678e35d6e8b4a486208d867e5e7af4b5d29e2d4d210b51e0f4d3607fd0762fa20bf1b0c9a926fdc26d9253c4a55efae40bb0dc2db0ca9bc376
SSDEEP: 49152:tVPOE69onqxGYOP00L1KqQYwH5wfUaqXuY1v:UGqEP00AqQX5XLXuY1v
Static task: static1
Behavioral task: behavioral1
Sample: 5e1e21f19f72bc4d092c5e1bbaf60f143193c8230a894a70b1e15e6fcc5c55e9.dll
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: 5e1e21f19f72bc4d092c5e1bbaf60f143193c8230a894a70b1e15e6fcc5c55e9.dll
Resource: win10v2004-20221111-en
Malware Config
Targets
Score: 6/10
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
Suspicious use of NtSetInformationThreadHideFromDebugger
Suspicious use of SetThreadContext