General
Target: 5e1c036e9b2f6801fca368d78557bc0257c0582befe8702f8c32e3b1a4a7b014
Size: 2.1MB
Sample: 221128-xkq24sch8w
MD5: e140631ab79224484ae4fda102b744d9
SHA1: fd9485beac3ec8e65eeccb7ba9a42824692b4162
SHA256: 5e1c036e9b2f6801fca368d78557bc0257c0582befe8702f8c32e3b1a4a7b014
SHA512: b21d0fde7be4080e1925fd5c06c48301373451b201e209f517469312256d052dfe722e36db434b91685e10ea584ecdb65ccdb8f46ef5819e21bd089e6f52d6bd
SSDEEP: 49152:+nTnSJ1QleMf1D5xtL4P9nueWMZm9G1BIvM35aw3u:SMQECr34P9njGGTt5J3
Static task: static1
Behavioral task: behavioral1
Sample: 5e1c036e9b2f6801fca368d78557bc0257c0582befe8702f8c32e3b1a4a7b014.dll
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 5e1c036e9b2f6801fca368d78557bc0257c0582befe8702f8c32e3b1a4a7b014.dll
Resource: win10v2004-20220901-en
Malware Config
Targets
Target: 5e1c036e9b2f6801fca368d78557bc0257c0582befe8702f8c32e3b1a4a7b014
Score: 10/10
Detect Blackmoon payload
Blocklisted process makes network request
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.