General
-
Target
b8636c9cad5e022f0efe6dceef4c8b7ca0d14e2d6770c09dfcf987b1d5a7f381
-
Size
1.4MB
-
Sample
221206-p1wcrsaa52
-
MD5
1f037b698f3134e1105b9f298c6e8639
-
SHA1
62aed76a087a14f52400e4a2c51001dfbfd11e7b
-
SHA256
b8636c9cad5e022f0efe6dceef4c8b7ca0d14e2d6770c09dfcf987b1d5a7f381
-
SHA512
6f9ddb93e90be1dfdc822b78d36a08d30a0aa2ed2fe619786b1f1739b8730f8e2aadc2661feaad21367fb97e57044932cd6bfa6bb925ff3bf6ed52b5abe85ac1
-
SSDEEP
24576:RgJzgFqQHaZlTWkb1cbZBKls/UYG4IhNzDnmNUMuyJDe0Hnf:CWmTPb1c9BWs/UjNhBj6zdaof
Malware Config
Targets
-
-
Target
b8636c9cad5e022f0efe6dceef4c8b7ca0d14e2d6770c09dfcf987b1d5a7f381
-
Size
1.4MB
-
MD5
1f037b698f3134e1105b9f298c6e8639
-
SHA1
62aed76a087a14f52400e4a2c51001dfbfd11e7b
-
SHA256
b8636c9cad5e022f0efe6dceef4c8b7ca0d14e2d6770c09dfcf987b1d5a7f381
-
SHA512
6f9ddb93e90be1dfdc822b78d36a08d30a0aa2ed2fe619786b1f1739b8730f8e2aadc2661feaad21367fb97e57044932cd6bfa6bb925ff3bf6ed52b5abe85ac1
-
SSDEEP
24576:RgJzgFqQHaZlTWkb1cbZBKls/UYG4IhNzDnmNUMuyJDe0Hnf:CWmTPb1c9BWs/UjNhBj6zdaof
Score7/10-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Drops file in System32 directory
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-