General

  • Target

    b9b8aedfb1b2bd5f88d78ebf3c0e908db142888f3a0dbf1cc179f62048ff3010

  • Size

    3.2MB

  • Sample

    221129-zp6pgaad3s

  • MD5

    29682fba3931fd39ef71f1fe16825f15

  • SHA1

    bd1d5c50ae1c3eb98f1236e3c588a580c9d62642

  • SHA256

    b9b8aedfb1b2bd5f88d78ebf3c0e908db142888f3a0dbf1cc179f62048ff3010

  • SHA512

    1545adc1e8920281917856ee1272707f9e3bd92856f0cc896f94a9b0c31d2e50727a54054ed284a7ed253d1307f476b320813c5e7dcc12968026b90f34d052b9

  • SSDEEP

    49152:QbWa1KziKPkChAyGWv4uA9lAK/G6c+5QhzGXywq0RVZPAR:QbWaaG0BK/c+ChKiwvZPm

Malware Config

Targets

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Matrix ATT&CK v6

Persistence

    • Bootkit (T1067): 1

Tasks