General
Target: Holmium.exe
Size: 53KB
Sample: 230402-lg4y1sff38
MD5: 2c1282268ccd4a23bed9f8f53372a32d
SHA1: c0052f0c640d9d060af7c9fd43fa5537a9bef0b9
SHA256: d8341acb15cf158aa1ab4bc600b67b657b8f7b15dbc93acf29cb4a3d9e4f98fc
SHA512: cbe61c4bdbc4d0774212ad2aba59b24672de6106cedbf5a4677f12da53ca0ba883dc46b719f0596df48b47512f705e3187975e6200462fda4719460c5f365210
SSDEEP: 768:QpeVMP2xCO5SYMoSEj6VpWOQ2U5BAYH5IGoZ8U7:QpeVM+xCOhSa6z/Q2U56YHSD
Static task: static1
Behavioral task: behavioral1
Sample: Holmium.exe
Resource: win7-20230220-de
Malware Config
Targets
Target: Holmium.exe
Score: 8/10
Disables Task Manager via registry modification
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.