General
-
Target
85e8304712a15bdd776c25cdf30672e7be37b3a96ce3e7b8f9c8df104b81804f
-
Size
408KB
-
Sample
221203-gr6s5sec7x
-
MD5
d44012f6a2b41e815ee4ed8022c05cc7
-
SHA1
56cdad1716f5ae4855cd80e4e13566d37488dc11
-
SHA256
85e8304712a15bdd776c25cdf30672e7be37b3a96ce3e7b8f9c8df104b81804f
-
SHA512
f331f9abf60c581936b6382606cd4d2f0cd56fd74eb125111911f9df315a5cd3793ae4ea17f73f9f0026bb090b46715bc439402c0ec84201cbf172b22aad81ae
-
SSDEEP
12288:R7M3m1Fo3ZMtTErzAwkFtCg3RTEwLxgKGsPTK2xu8ol6sZzyUiCcvy40cShj5cIf:q3AYZIwuUi1vyvcbG
Malware Config
Targets
-
-
Target
85e8304712a15bdd776c25cdf30672e7be37b3a96ce3e7b8f9c8df104b81804f
-
Size
408KB
-
MD5
d44012f6a2b41e815ee4ed8022c05cc7
-
SHA1
56cdad1716f5ae4855cd80e4e13566d37488dc11
-
SHA256
85e8304712a15bdd776c25cdf30672e7be37b3a96ce3e7b8f9c8df104b81804f
-
SHA512
f331f9abf60c581936b6382606cd4d2f0cd56fd74eb125111911f9df315a5cd3793ae4ea17f73f9f0026bb090b46715bc439402c0ec84201cbf172b22aad81ae
-
SSDEEP
12288:R7M3m1Fo3ZMtTErzAwkFtCg3RTEwLxgKGsPTK2xu8ol6sZzyUiCcvy40cShj5cIf:q3AYZIwuUi1vyvcbG
Score10/10-
Modifies firewall policy service
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of SetThreadContext
-