General
-
Target
tofminiloader_Zw7BIGNgiVU.wg.intl.exe
-
Size
8.9MB
-
Sample
230318-dbmtjsba29
-
MD5
4b7aa444a4e50067e90c8af2193f7a86
-
SHA1
8be7995cba623189df35644d108a9ebe0c4d9c15
-
SHA256
ef3da4b7c93da3194641787efe3970ad772ae3ae92e6190812f10625ebcf273c
-
SHA512
5ae1ef36d45d7d11676f2eea3649255613701a0ff55e691817a16d1dd865a07d9c365c5a34beaf597a1b53dbe77dc48c2fcc018eb2d16e36910bc73b82290256
-
SSDEEP
196608:BcxYsc9FA9NOKfMoQMeGt6NMxA2jDDQZY5WF5r4T9ksQAv:O2sR9UK3QrGt6NiAJNd4TeAv
Static task
static1
Behavioral task
behavioral1
Sample
tofminiloader_Zw7BIGNgiVU.wg.intl.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
tofminiloader_Zw7BIGNgiVU.wg.intl.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
tofminiloader_Zw7BIGNgiVU.wg.intl.exe
-
Score
7/10
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-