General
-
Target
b6d4d85540bf70ac43b05ed94efc8f021d07526a56543f06dae986337e3d84e2
-
Size
864KB
-
Sample
221203-hkfh2sgd9y
-
MD5
aee9d12ec17e9fc250cfb56f9a530e36
-
SHA1
509405a33897700ee9d294c92397b352288ab342
-
SHA256
b6d4d85540bf70ac43b05ed94efc8f021d07526a56543f06dae986337e3d84e2
-
SHA512
4b75e0bf47e41b984bba62259e770e54963c141c71bfcc6a0bbc36068a37fadcef9c9d5177192dd544e060440fa51eb532780e4850d57aedce98764a64c96d46
-
SSDEEP
24576:SMkuNMkBhiyJRwQnN2K3yWds0JkKyVx+HNrUQRqM8:rkuNMkTialcadsLz+tgQM
Static task
static1
Behavioral task
behavioral1
Sample
b6d4d85540bf70ac43b05ed94efc8f021d07526a56543f06dae986337e3d84e2.dll
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
b6d4d85540bf70ac43b05ed94efc8f021d07526a56543f06dae986337e3d84e2.dll
Resource
win10v2004-20221111-en
Malware Config
Targets
-
Target
b6d4d85540bf70ac43b05ed94efc8f021d07526a56543f06dae986337e3d84e2
-
Score
6/10
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-