General
-
Target
2d3e6261d0b1e621039861a054d31293c816261928afffa18ac91c2cc4039f18
-
Size
25.9MB
-
Sample
230330-h4m28sbd72
-
MD5
5fe9f478ed6a614c972c64219d1ce731
-
SHA1
ef6b61f51551c6581ee349f3cfaf94bd0a6f3da3
-
SHA256
2d3e6261d0b1e621039861a054d31293c816261928afffa18ac91c2cc4039f18
-
SHA512
bff24fccaf36ac35da9065825bab40e489ba8f9c4007227c6f73cdb24f339a57f7f7aec6baa863ee9a8187ae02f615d34a8ac0b90aebe80378cc97522200c6d5
-
SSDEEP
786432:8j9RPCFJ/FZNDRLPjqLBeYPWEiR4mEAnG4f3L:8j9RyfNLPmLMu7a/EA9j
Static task
static1
Behavioral task
behavioral1
Sample
2d3e6261d0b1e621039861a054d31293c816261928afffa18ac91c2cc4039f18.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
2d3e6261d0b1e621039861a054d31293c816261928afffa18ac91c2cc4039f18.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
2d3e6261d0b1e621039861a054d31293c816261928afffa18ac91c2cc4039f18
-
Score
7/10
-
Loads dropped DLL
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-