General
-
Target
cd8fdc43e7b00d9bd34d4f6fb477e66968b302692e8ccf040e6f180620ac5c19
-
Size
1.2MB
-
Sample
221201-v2hqysfa5v
-
MD5
22fde0753062a2e7921d59fe64d6f7cc
-
SHA1
c6f1d83d64cfa541ea907d527bc79c698d337643
-
SHA256
cd8fdc43e7b00d9bd34d4f6fb477e66968b302692e8ccf040e6f180620ac5c19
-
SHA512
a1e024571711dab2ca9eb33f9b8371eb277cd1b708668c6b7c87ed41beec640151f2b1f775b640ec8139b598c4b298fe5bae2d2b4253142fe7fdec3f2e2aaf04
-
SSDEEP
24576:LDFq/8wVCMozowl4as1Y+zijEJq95/T+f8hDZ9VMMwsR+jlL79VJoLwl/Q:LDFq/8KC1TUY+ziwq9ty0hDHVqJjB9Q/
Static task
static1
Behavioral task
behavioral1
Sample
cd8fdc43e7b00d9bd34d4f6fb477e66968b302692e8ccf040e6f180620ac5c19.exe
Resource
win7-20221111-en
Malware Config
Targets
Score 8/10
-
Modifies Installed Components in the registry
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger