General
-
Target
0d8d3928e5f3952acd078a8b3b34fd34fc61cdee2ff82c9da2bfb98c6bb701f5
-
Size
25MB
-
Sample
230330-h3gh3ach8y
-
MD5
d26dc1596949eb18a796a336bd9ccfae
-
SHA1
b2f5ca9fcc2b9b094d90fd218b58811d40a0a1a1
-
SHA256
0d8d3928e5f3952acd078a8b3b34fd34fc61cdee2ff82c9da2bfb98c6bb701f5
-
SHA512
903c44fbc4a2bfb13a0b71724550dd3780c209f448123e4691f0ff1dfa837ea7c3e117f67e089e62293770220124aa0161e0663bd3ef2a7f17491edcf4bc71ea
-
SSDEEP
786432:7jGT5rmZkvv5Ki6ZNDRLPjqLBeYPWEiR4mEAnG4f3V:7jG1mZkhqNLPmLMu7a/EA9t
Static task
static1
Behavioral task
behavioral1
Sample
0d8d3928e5f3952acd078a8b3b34fd34fc61cdee2ff82c9da2bfb98c6bb701f5.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
0d8d3928e5f3952acd078a8b3b34fd34fc61cdee2ff82c9da2bfb98c6bb701f5.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
0d8d3928e5f3952acd078a8b3b34fd34fc61cdee2ff82c9da2bfb98c6bb701f5
-
Size
25MB
-
MD5
d26dc1596949eb18a796a336bd9ccfae
-
SHA1
b2f5ca9fcc2b9b094d90fd218b58811d40a0a1a1
-
SHA256
0d8d3928e5f3952acd078a8b3b34fd34fc61cdee2ff82c9da2bfb98c6bb701f5
-
SHA512
903c44fbc4a2bfb13a0b71724550dd3780c209f448123e4691f0ff1dfa837ea7c3e117f67e089e62293770220124aa0161e0663bd3ef2a7f17491edcf4bc71ea
-
SSDEEP
786432:7jGT5rmZkvv5Ki6ZNDRLPjqLBeYPWEiR4mEAnG4f3V:7jG1mZkhqNLPmLMu7a/EA9t
Score7/10-
Loads dropped DLL
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-