General
Target: Triphenylarsine.zip
Size: 101KB
Sample: 230331-zx9q4add82
MD5: 7c2ab239a7dcf5fc6b13a07e666321ec
SHA1: ff054293b5420ec4c4449c5772699081670958de
SHA256: c2e771645fba089da50482f34c738ce3e2151d1fd102cc145d7d72122bf897ee
SHA512: 1bdea0e8d49bd196404af4ba9dfb1428ecc7b6e48db1f83d3932e7d56e5b91c84e378021f28172b97954fb9e607f9423cb8f44278f39b67f6d7ac363b3939f3f
SSDEEP: 3072:6nIY1Ub0NPfkrCoEktCLvb8ONSAXZ3a/MfxFS:6NUolG8ktCTYONSAXZ3yj
Static task: static1
Behavioral task: behavioral1
  Sample: Triphenylarsine.exe
  Resource: win7-20230220-en
Behavioral task: behavioral2
  Sample: Triphenylarsine.exe
  Resource: win10v2004-20230221-en
Malware Config
Targets
Target: Triphenylarsine.exe
Size: 125KB
MD5: 962068032e7d6fc2fa259d4c3c353f07
SHA1: 87e0421776ffd5c542d8b3339b82a056813ad4ac
SHA256: 93b7015c3a8fba2336ee4850848b4e34c58b6c8ce3b8c27f634d54f6dac093ad
SHA512: cd05079cb358137ebec7665ded7743422918ef776e2d81c435b52a2a644ba802f492852ede76cecf6b5bc8225d7e208dcae8c637ce35794e951527dc391f4799
SSDEEP: 1536:zfule+tm6YLX6D0mieQeEJDDOkPWH3v5yffVwsfbrGGfo5MrsWfG6cdS3Cy18z6V:c3ieQzJnDPWXxyfishfYjbSBo6CM
Score: 8/10
- Disables Task Manager via registry modification
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.