General
-
Target
bd3cf8dbf50c46c72d1b512d9a0185d8127e0e3a8735d93bf87fdf0a5843c7c9
-
Size
17KB
-
Sample
221201-w798tsca31
-
MD5
1f54db8e2133f535609b3eda1db7d869
-
SHA1
32a038fd9fc7acca9886e54c860949d0b3a93599
-
SHA256
bd3cf8dbf50c46c72d1b512d9a0185d8127e0e3a8735d93bf87fdf0a5843c7c9
-
SHA512
df62fe3f0c5178dc69b1db65c2ae8a5f062f5443e4cc2a26735a38d0ee38c38483add46ae2627d23d8a28b4fdabbbea792d6a1f785c949326e292f75db079d4b
-
SSDEEP
384:/AhgmZnWs/FBSPGvBm/Qbw7gZTErM/JtnObH0/RtDlFjBsEu:/2gB7GpmaH/JQL0/rC
Behavioral task
behavioral1
Sample
bd3cf8dbf50c46c72d1b512d9a0185d8127e0e3a8735d93bf87fdf0a5843c7c9.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
bd3cf8dbf50c46c72d1b512d9a0185d8127e0e3a8735d93bf87fdf0a5843c7c9.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
Target
bd3cf8dbf50c46c72d1b512d9a0185d8127e0e3a8735d93bf87fdf0a5843c7c9
Score
8/10
-
Executes dropped EXE
-
Deletes itself
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of SetThreadContext
-