General
-
Target
e5b84ca41fb3fad769a813ce66abe424c6995ede2450b57407d717e5f47830b0
-
Size
3.6MB
-
Sample
221129-zyw7dsgb74
-
MD5
fad1658fcca8cc6f8bf175f7a97df972
-
SHA1
1763b7b88ec330f101977192930058480cc6b6ae
-
SHA256
e5b84ca41fb3fad769a813ce66abe424c6995ede2450b57407d717e5f47830b0
-
SHA512
bbccf9bacdd1d25e2817551310b425e16f5185e7702331c6cc8a6dcf967426d0c4eee9c0f0dd4fedb126221885578eb4be2b5d6d57d8e65a1acf89221424f36d
-
SSDEEP
98304:X+pDaYlIjefFggxzvwn5hmdeEi3MEatfPCjs+sC37/QMU:upDPXggx85LEi3MEEqjs+8
Static task
static1
Behavioral task
behavioral1
Sample
e5b84ca41fb3fad769a813ce66abe424c6995ede2450b57407d717e5f47830b0.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
e5b84ca41fb3fad769a813ce66abe424c6995ede2450b57407d717e5f47830b0.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
e5b84ca41fb3fad769a813ce66abe424c6995ede2450b57407d717e5f47830b0
-
Size
3.6MB
-
MD5
fad1658fcca8cc6f8bf175f7a97df972
-
SHA1
1763b7b88ec330f101977192930058480cc6b6ae
-
SHA256
e5b84ca41fb3fad769a813ce66abe424c6995ede2450b57407d717e5f47830b0
-
SHA512
bbccf9bacdd1d25e2817551310b425e16f5185e7702331c6cc8a6dcf967426d0c4eee9c0f0dd4fedb126221885578eb4be2b5d6d57d8e65a1acf89221424f36d
-
SSDEEP
98304:X+pDaYlIjefFggxzvwn5hmdeEi3MEatfPCjs+sC37/QMU:upDPXggx85LEi3MEEqjs+8
Score6/10-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-