General
Target
ntaserv9234 g34oziy3j 5z30t5j7ze .zip
Size
1.3MB
Sample
230403-ydm8baae8v
MD5
a760d3ecf8e8bea8eb5668c350bded21
SHA1
24df59adb4a7bf15fff2d8126f316bc2f2d7d1c3
SHA256
18e0d6153f0439474da64ce52edc354a9c5054cd7859652e9422e3e1c2f93ac6
SHA512
38337c6293f94b655c7455f8aafbfb45031513fc3a14cb7f42361ba44e8f3a941ca168e5f6c51af14931ff7003d271546b97ca8cb9fa345f91ce5e343510d93e
SSDEEP
24576:OrvfTXtiqtu71r5DXvq/gXuuDwuyhrjnTg3fQHdzfYbCd9nfsz1VL8X07G:UtSNA/gXbDjwTgPkfY2Dne15807G
Static task
static1
Behavioral task
behavioral1
Sample
nnfsske3444e zgaddh0n 87gz17.exe
Resource
win7-20230220-es
Behavioral task
behavioral2
Sample
nnfsske3444e zgaddh0n 87gz17.exe
Resource
win10v2004-20230221-es
Behavioral task
behavioral3
Sample
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~8529133.exe
Resource
win7-20230220-es
Behavioral task
behavioral4
Sample
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~8529133.exe
Resource
win10v2004-20230220-es
Malware Config
Targets
Target
nnfsske3444e zgaddh0n 87gz17.exe
Size
3.0MB
MD5
89784e5c4913328c3710f07f85f37c68
SHA1
c6d91d14e828713c0ae0e86dfe500e0d0b8cd7ad
SHA256
067a1685ad9ece5f23192c8049c481e45b521d7144487f3fa297f6c06afe59a5
SHA512
9b3855391dc37d6becdc097a220b076014de479635548452816a55d7ec314e3954c015462bc421280482914f523172e960017746efe4b58b924009650fc3b23b
SSDEEP
49152:vjb4KhpEKoulsx+SZonEKndC6mTXsPVPml:vjbbXoulFddC6FPVPk
Score 3/10
Target
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~8529133
Size
262KB
MD5
af9d145415e87c34bacc66428da5a096
SHA1
b1b5bfd6640e1b8360407a02aa1f3a949c20a8d3
SHA256
5a5c8299c0369b081406203dcff228e918db19d4a44f9e833e7d6ddb97ecb9d2
SHA512
d8ba07b9aa9e667edc8fb790af4053967b72fef52b47cbc2333d6fccaf410b145aa0d6e7b5ff4381bdfe1d8aa7027037f955e49d8d8e078c0022184827bd2811
SSDEEP
3072:S3FKK+qOLpWZOpHwOnxjhI1a29nMGkvmUCDzTObdPnF5od1Jc+mTSC/REMz5hMP7:S9+qOLoaXjhenMGmmUEebVF+uoU7y6tq
Score 8/10
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
Checks for any installed AV software in registry
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.