General
-
Target
a7fd07dc0abb12be563200627164211884534fda523606ac5eb17572f64b3657
-
Size
426KB
-
Sample
221201-ynx59sab5w
-
MD5
d104ed6809cccf794135204478f634c2
-
SHA1
e05a1cdc30127dd38be0db9afe5828c0f91d99c2
-
SHA256
a7fd07dc0abb12be563200627164211884534fda523606ac5eb17572f64b3657
-
SHA512
9ef7b8fa820073dbe208bde9742395e8e660b0313cab137e898d4cc52dec0103b6ca0da76a248363690e96de3a768589ea235840886baccf1dc9a4da697013dd
-
SSDEEP
6144:SDhCdYx7WL5dNy0uewsL5iOjA+/g/vfV4xjhuoNiYQSRgJ7Ui71bhzYof:S8k7hZoL5iB+/g/VOsoxQ+871bR
Malware Config
Targets
-
-
Target
a7fd07dc0abb12be563200627164211884534fda523606ac5eb17572f64b3657
-
Size
426KB
-
MD5
d104ed6809cccf794135204478f634c2
-
SHA1
e05a1cdc30127dd38be0db9afe5828c0f91d99c2
-
SHA256
a7fd07dc0abb12be563200627164211884534fda523606ac5eb17572f64b3657
-
SHA512
9ef7b8fa820073dbe208bde9742395e8e660b0313cab137e898d4cc52dec0103b6ca0da76a248363690e96de3a768589ea235840886baccf1dc9a4da697013dd
-
SSDEEP
6144:SDhCdYx7WL5dNy0uewsL5iOjA+/g/vfV4xjhuoNiYQSRgJ7Ui71bhzYof:S8k7hZoL5iB+/g/VOsoxQ+871bR
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Deletes itself
-
Loads dropped DLL
-
Adds Run key to start application
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of SetThreadContext
-