General
-
Target
9f1394269d0cddb87380fa9fe88831036de458ac6fe1b3f517cb7ae60656bedd
-
Size
1.1MB
-
Sample
221205-jgvn8shd33
-
MD5
f0a6c4647312bff08c613178893702e1
-
SHA1
904dc8720fa1a9ed98d032d9f56ffbff6410757a
-
SHA256
9f1394269d0cddb87380fa9fe88831036de458ac6fe1b3f517cb7ae60656bedd
-
SHA512
a489b6bb24dcbdb9b1667e6af37d8df53dcc35901aa05e9c6cf43001841f158057bbdd4564c81801debb55b674864107c03f9c0e8ea99d966ebc38bde8fa4ba3
-
SSDEEP
24576:Chebrn/mG9Pwrn/POzMQGEvGEg5inu3i6ZTdDiUSgwt9faL+Wdi3oBMct3lVW6i8:ChArn/X9Pwrn/POzMQGEvGE0inu3i6ZH
Malware Config
Targets
-
-
Target
9f1394269d0cddb87380fa9fe88831036de458ac6fe1b3f517cb7ae60656bedd
-
Size
1.1MB
-
MD5
f0a6c4647312bff08c613178893702e1
-
SHA1
904dc8720fa1a9ed98d032d9f56ffbff6410757a
-
SHA256
9f1394269d0cddb87380fa9fe88831036de458ac6fe1b3f517cb7ae60656bedd
-
SHA512
a489b6bb24dcbdb9b1667e6af37d8df53dcc35901aa05e9c6cf43001841f158057bbdd4564c81801debb55b674864107c03f9c0e8ea99d966ebc38bde8fa4ba3
-
SSDEEP
24576:Chebrn/mG9Pwrn/POzMQGEvGEg5inu3i6ZTdDiUSgwt9faL+Wdi3oBMct3lVW6i8:ChArn/X9Pwrn/POzMQGEvGE0inu3i6ZH
Score10/10-
Modifies WinLogon for persistence
-
Modifies visibility of file extensions in Explorer
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-