General
-
Target
83b8dd4ce63ffe0bf77052f1c81bdb7ba8f433252d47371803f9a0aa1f16a5f1
-
Size
408KB
-
Sample
221203-gr7ensec7y
-
MD5
b00b72c6de1c42cefe3bf176670046e7
-
SHA1
058e8e9f618245a62c7fa6c69c873624977c8016
-
SHA256
83b8dd4ce63ffe0bf77052f1c81bdb7ba8f433252d47371803f9a0aa1f16a5f1
-
SHA512
b63ffee0350bf092d19b69bfcd05284c0af7223ad891429ab7af3e037dc83e251eaa85d587a344ccf9ab489fe2ae1438e0730952978981310fbfa1350d3a79f6
-
SSDEEP
12288:R7M3m1Fo3ZMtTErzAwkFtCg3RTEwLxgKGsPTK2xu8ol6sZzyUiCcvy40cShj5cIU:q3AYZIwuUi1vyvcbL
Malware Config
Targets
-
-
Target
83b8dd4ce63ffe0bf77052f1c81bdb7ba8f433252d47371803f9a0aa1f16a5f1
-
Size
408KB
-
MD5
b00b72c6de1c42cefe3bf176670046e7
-
SHA1
058e8e9f618245a62c7fa6c69c873624977c8016
-
SHA256
83b8dd4ce63ffe0bf77052f1c81bdb7ba8f433252d47371803f9a0aa1f16a5f1
-
SHA512
b63ffee0350bf092d19b69bfcd05284c0af7223ad891429ab7af3e037dc83e251eaa85d587a344ccf9ab489fe2ae1438e0730952978981310fbfa1350d3a79f6
-
SSDEEP
12288:R7M3m1Fo3ZMtTErzAwkFtCg3RTEwLxgKGsPTK2xu8ol6sZzyUiCcvy40cShj5cIU:q3AYZIwuUi1vyvcbL
Score10/10-
Modifies firewall policy service
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of SetThreadContext
-