General
- Target: b94ff8c760bfb03fec88b884e49803a73ad3af299e6cb6c6ea6d41318f80c3cd
- Size: 401KB
- Sample: 221203-hbrjyscd33
- MD5: 3621f8096cb59d03b8cfd18c865f0820
- SHA1: d29be87089c2d3140ad210e56fd70c463036e543
- SHA256: b94ff8c760bfb03fec88b884e49803a73ad3af299e6cb6c6ea6d41318f80c3cd
- SHA512: 4882c0fc6915a263786edbb5ac17679a086e1e3895aa4038d31e57860b38085936a91e7f3ad05ddbe364415e9f245f9bf3ef7f219a7f52759f686ad2f64c833b
- SSDEEP: 12288:oj7F1MU7UW/jP8EYFzr+ayqWMNcG6rzCD6W1K3DnsKp/v7np:oj7F1BLMB+rG6jW4DsKpt
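Before acting on a sandbox report, confirm that the file in hand is the file that was analysed. The following is an added example, not part of the report or the sandbox's own tooling: it recomputes the four digests listed above over a local copy and reports any that disagree, and it checks the report's own consistency (the target is named by its SHA256). The bytes used in the self-check are constructed, not the sample.

```python
"""Added example, not part of the sandbox report: recompute the report's
digests over a local copy and refuse to trust the report for a file whose
hashes differ. The bytes used in the self-check are constructed, not the sample."""
import hashlib
import io

# Digests copied from the report's General section, keyed by hashlib name.
REPORT_HASHES = {
    "md5": "3621f8096cb59d03b8cfd18c865f0820",
    "sha1": "d29be87089c2d3140ad210e56fd70c463036e543",
    "sha256": "b94ff8c760bfb03fec88b884e49803a73ad3af299e6cb6c6ea6d41318f80c3cd",
    "sha512": "4882c0fc6915a263786edbb5ac17679a086e1e3895aa4038d31e57860b38085936a91e7f3ad05ddbe364415e9f245f9bf3ef7f219a7f52759f686ad2f64c833b",
}
REPORT_TARGET = "b94ff8c760bfb03fec88b884e49803a73ad3af299e6cb6c6ea6d41318f80c3cd"


def digests(data, chunk=1 << 16):
    """Hash bytes or a binary stream once, feeding every algorithm from the same read."""
    stream = io.BytesIO(data) if isinstance(data, (bytes, bytearray)) else data
    hashers = {name: hashlib.new(name) for name in REPORT_HASHES}
    for block in iter(lambda: stream.read(chunk), b""):
        for h in hashers.values():
            h.update(block)
    return {name: h.hexdigest() for name, h in hashers.items()}


def mismatches(actual, expected):
    """Algorithms whose digest disagrees with the report; empty means a full match."""
    return {k: (actual.get(k), v.lower()) for k, v in expected.items()
            if actual.get(k) != v.lower()}


def report_is_self_consistent(target=REPORT_TARGET, hashes=REPORT_HASHES):
    """The sandbox names the target by its SHA256; catch a mislabelled report early."""
    return target.lower() == hashes["sha256"].lower()


def is_reported_sample(data, expected=REPORT_HASHES):
    """True only when every listed digest matches the supplied bytes or stream."""
    return not mismatches(digests(data), expected)


if __name__ == "__main__":
    import sys
    with open(sys.argv[1], "rb") as f:
        bad = mismatches(digests(f), REPORT_HASHES)
    print("match" if not bad else f"mismatch: {bad}")
```

Run it as `python verify.py path\to\sample.exe` (file name assumed); a single differing digest is enough to reject the report as evidence about that file. SSDEEP is deliberately left out: it needs the ssdeep library and a fuzzy match is not an identity check.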
Static task: static1
Behavioral task: behavioral1
- Sample: b94ff8c760bfb03fec88b884e49803a73ad3af299e6cb6c6ea6d41318f80c3cd.exe
- Resource: win7-20220812-en
Behavioral task: behavioral2
- Sample: b94ff8c760bfb03fec88b884e49803a73ad3af299e6cb6c6ea6d41318f80c3cd.exe
- Resource: win10v2004-20221111-en
Malware Config
Targets
- Target: b94ff8c760bfb03fec88b884e49803a73ad3af299e6cb6c6ea6d41318f80c3cd
- Score: 8/10
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Writes to the Master Boot Record (MBR): Bootkits write to the MBR to gain persistence at a level below the operating system.
- Suspicious use of SetThreadContext
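The signatures above are behavioural rules fired on an API trace. The block below is an added example, not the sandbox's own rule set: it encodes five of those behaviours (Uninstall-key enumeration, Run-key persistence, executing a dropped EXE, SetThreadContext on a child created suspended, and a write to the first sector of a raw physical drive) as rules over a constructed trace. The trace format (one dict per call with pid, api and args), the SetThreadContext heuristic and the weights are assumptions; the 8/10 above is the sandbox's score, not this code's.

```python
"""Added example, not part of the sandbox report: turns the behaviours the
report flags into scoring rules and runs them over a constructed API trace.
The trace format (pid/api/args per call) and the weights are assumptions."""
import re
from collections import defaultdict

RUN_KEY = re.compile(r"\\CurrentVersion\\Run(Once)?$", re.I)
UNINSTALL_KEY = re.compile(r"\\CurrentVersion\\Uninstall(\\|$)", re.I)
RAW_DISK = re.compile(r"^\\\\\.\\PhysicalDrive\d+$", re.I)
MBR_SIZE = 512  # the MBR occupies the first sector of the disk

# Assumed weights: the MBR write dominates because a bootkit persists below the OS.
WEIGHTS = {
    "enumerates_installed_software": 1,
    "run_key_persistence": 2,
    "executes_dropped_exe": 2,
    "set_thread_context_injection": 3,
    "writes_mbr": 4,
}


def analyse(trace):
    """Return (sorted rule hits, score capped at 10) for a list of API calls."""
    hits = set()
    raw_handles = defaultdict(set)  # pid -> handles opened for writing on a raw disk
    dropped = set()                 # executable paths a traced process wrote
    suspended = set()               # child pids created with CREATE_SUSPENDED
    for ev in trace:
        pid, api, a = ev["pid"], ev["api"], ev["args"]
        if api in ("RegOpenKeyExW", "RegEnumKeyExW") and UNINSTALL_KEY.search(a.get("key", "")):
            hits.add("enumerates_installed_software")
        elif api == "RegSetValueExW" and RUN_KEY.search(a.get("key", "")):
            hits.add("run_key_persistence")
        elif api == "CreateFileW" and "GENERIC_WRITE" in a.get("access", ""):
            if RAW_DISK.match(a["path"]):
                raw_handles[pid].add(a["handle"])
            elif a["path"].lower().endswith(".exe"):
                dropped.add(a["path"].lower())
        elif api == "WriteFile" and a.get("handle") in raw_handles[pid]:
            if a.get("offset", 0) < MBR_SIZE:
                hits.add("writes_mbr")
        elif api == "CreateProcessW":
            if a["image"].lower() in dropped:
                hits.add("executes_dropped_exe")
            if "CREATE_SUSPENDED" in a.get("flags", ()):
                suspended.add(a["child_pid"])
        elif api == "SetThreadContext" and a.get("thread_pid") in suspended:
            # Hollowing pattern: parent rewrites the entry point of a suspended child.
            hits.add("set_thread_context_injection")
    score = min(10, sum(WEIGHTS[h] for h in hits))
    return sorted(hits), score


# Constructed trace that mirrors the report's signature list; not sandbox output.
SAMPLE_TRACE = [
    {"pid": 1000, "api": "RegOpenKeyExW", "args": {"key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"}},
    {"pid": 1000, "api": "RegEnumKeyExW", "args": {"key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall", "index": 0}},
    {"pid": 1000, "api": "CreateFileW", "args": {"path": r"C:\Users\user\AppData\Roaming\svchost.exe", "access": "GENERIC_WRITE", "handle": 0x10}},
    {"pid": 1000, "api": "WriteFile", "args": {"handle": 0x10, "offset": 0, "size": 0x64000}},
    {"pid": 1000, "api": "RegSetValueExW", "args": {"key": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run", "value": "svchost", "data": r"C:\Users\user\AppData\Roaming\svchost.exe"}},
    {"pid": 1000, "api": "CreateProcessW", "args": {"image": r"C:\Users\user\AppData\Roaming\svchost.exe", "flags": ["CREATE_SUSPENDED"], "child_pid": 1200}},
    {"pid": 1000, "api": "SetThreadContext", "args": {"thread_pid": 1200, "thread_id": 1204}},
    {"pid": 1000, "api": "CreateFileW", "args": {"path": r"\\.\PhysicalDrive0", "access": "GENERIC_READ|GENERIC_WRITE", "handle": 0x20}},
    {"pid": 1000, "api": "WriteFile", "args": {"handle": 0x20, "offset": 0, "size": 512}},
]

# Constructed installer trace: a Run key plus Uninstall lookups alone stay low-score.
BENIGN_TRACE = [
    {"pid": 2000, "api": "RegOpenKeyExW", "args": {"key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\App"}},
    {"pid": 2000, "api": "RegSetValueExW", "args": {"key": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run", "value": "Updater", "data": r"C:\Program Files\App\updater.exe"}},
]

if __name__ == "__main__":
    print(analyse(SAMPLE_TRACE))
    print(analyse(BENIGN_TRACE))
```

Two points the weights are meant to make: a Run key or an Uninstall-key lookup on its own is what every installer does, so those rules only add context; and a write to sector 0 of a raw drive, or SetThreadContext aimed at a child that was started suspended, has almost no legitimate use and should drive the verdict regardless of the rest of the trace.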