General
-
Target
d6c41331ea31ac35444db10c7df922d63de5220b642b0846518c7b7b8dfe16e3
-
Size
1.0MB
-
Sample
221127-rgte6sgf7y
-
MD5
e3d5ec13be07a026224cc07506b97cb8
-
SHA1
6cbb30532a6ff5a6799778a9ea4b36765a463123
-
SHA256
d6c41331ea31ac35444db10c7df922d63de5220b642b0846518c7b7b8dfe16e3
-
SHA512
90ba2e803ee47f2c0d6112040361eb645a2797183a7bb496f7ab99fbe738abf8865c18a973960750285ae09c15643fe957fe5b9187f7de0982b801248af05443
-
SSDEEP
24576:OcIVuXEXMURB2z38zc8LROYJ2i+px1puVz3CDfpGhoTAKy4f:OcI7JB4MHRFk49S7CAD
Behavioral task
behavioral1
Sample
d6c41331ea31ac35444db10c7df922d63de5220b642b0846518c7b7b8dfe16e3.dll
Resource
win7-20220901-en
Malware Config
Targets
-
-
Target
d6c41331ea31ac35444db10c7df922d63de5220b642b0846518c7b7b8dfe16e3
-
Score
7/10
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-