General

Target: 7643d72e19fdaeb359c5ab51417357040e2044cec1e8ac03245cb22d2261be01
Size: 1.2MB
Sample: 221127-ycql2shb6v
MD5: a0882b42ec099e8b77a0bb39741bcff5
SHA1: caf8e2ad62b90ce830b0ce63638699e2b236b863
SHA256: 7643d72e19fdaeb359c5ab51417357040e2044cec1e8ac03245cb22d2261be01
SHA512: 33419c6c167ae76a367afef14d165d9fdfd3fa4ea777bc8a689720a4694a2af8ebcb11c1dbbc596bbf20dd8935bf9dd13a8d6bb206a365bd89cb867f51a96cb1
SSDEEP: 24576:gN11tlntuzpt1uwz//Jc9VuwxUtyPdUhx0gGhGKMUHOcDZK6TcHG:YrAt1PLJK0gGhxShZRHOcD3Td
Behavioral tasks

behavioral1: sample ARP_ɫվ.url, resource win7-20221111-en
behavioral2: sample ARP_ɫվ.url, resource win10v2004-20220812-en
behavioral3: sample սʬͻ/FSMON.dll, resource win7-20220812-en
behavioral4: sample սʬͻ/FSMON.dll, resource win10v2004-20220901-en
behavioral5: sample սʬͻ/սʬͻ.exe, resource win7-20220901-en
behavioral6: sample սʬͻ/սʬͻ.exe, resource win10v2004-20220901-en
behavioral7: sample .url, resource win7-20220901-en
behavioral8: sample .url, resource win10v2004-20221111-en
Malware Config
Targets

Target: ARP_ɫվ.url
Size: 296B
MD5: e9a649a6ef7d0ca04461abf899cb3d57
SHA1: 751d27922f8eb48ac675fdeb0964e4ecd6b97e71
SHA256: b06c3f2b947d9abf0dfe4a7324911dc0179013138a85b313858aa263bf517af7
SHA512: b89f37164ed1d0200af944384f951b525c194f1fb01a2f79d02c3af33f82d71349db3a9b71b0a9f9835c3bf5b90a92f689d09499e0f6a5445dbae7dc337224da
Score: 1/10

Target: սʬͻ/FSMON.DLL
Size: 808KB
MD5: a64b6bd81946099304da6f3be9610a50
SHA1: 98daddca2610e275f3beddd56f29973c3605debc
SHA256: e0695337213c971ffd19328928cf1b701e2cd89f6bba3235f1330a7057872058
SHA512: e291265dd126753cae479045b8830ca31d57d14adb5a682fa4bb5c704b27109298eed5528a3d845e0635da00120fa9554173bfc2f00c1fd5f2b3f057346ea7d8
SSDEEP: 24576:1NxD6TO4LhtzHcfMqEbn+kZC9AQfCcKBdzIb3cz24:74TXLLHcbe+USo0bsz24
Signatures:
  Executes dropped EXE
  Loads dropped DLL
  Drops file in System32 directory

Target: սʬͻ/սʬͻ.exe
Size: 769KB
MD5: 8354feb38f8f6db5d3ae96570a80cd99
SHA1: 9689fa9595d3753c266f54ab4ae3bfa6c6c949ac
SHA256: 06d5d50419daa4dca974cf52b5ca051664ec9ab4800f45e8b3185b2acdb5bccb
SHA512: 2f37fb0df19141f2faa0e23692530139706e83d928b7fdc67924ee970c9d58eb9a7fbbd192f36ab93ab1e9f1215f3ad547bdfa9092ae907541a53e2611b0bb5d
SSDEEP: 12288:qEToiSxW7e7RJlM9KX5qce1F5RgOsguxrd6Iu93w9up+IRXURelNZi+uesixqxOP:q3b0itXMKWRD1uqv3ywYeluAAOzNjoW
Score: 8/10
Signatures:
  Writes to the Master Boot Record (MBR): bootkits write to the MBR to gain persistence at a level below the operating system.

Target: .url
Size: 367B
MD5: d8c4663d9392fa75e61b9a3423e1dc85
SHA1: 7d2b2a269349c77acb30a43b5369dedfd9959f69
SHA256: c53b912ff65191bca2caf13bb527a95593b275f057c39cbdc4bb2505225a2bf5
SHA512: fcb6accf4bce2ab6f4ac3ac521562ef8568443f4ea7aa2a9a6911c91ac39d1c15b9fa7499feb76774cb7445d7d7d10a7fc42e02a8a279b9883c1b83a45de208b
Score: 1/10