General
Target: f224d71a7b3239494f4e98f2844adc44
Size: 12.4MB
Sample: 231222-t1wezsahb6
MD5: f224d71a7b3239494f4e98f2844adc44
SHA1: f1a4c958687240af154338af9d7ea7cac6ccc9b1
SHA256: eba223ceb11e972aa365a261dd5e68b015b8e2beb26f327e34f563d78909ddcf
SHA512: e5c8b727cc5398332b79c765fa0f0d121070a554b0b0aa0c04680d080bbca27b415d14083b5c21a0add3152626de3f41a10c12c9a7c7aebc35121efc8bb6bf29
SSDEEP: 393216:NJYnOR5tRWqVxsUceCygRU2mXAToUB1D5AK:Ngm5t4kxCeCRR2wToUBF5AK
Behavioral task: behavioral1
Sample: f224d71a7b3239494f4e98f2844adc44.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: f224d71a7b3239494f4e98f2844adc44.exe
Resource: win10v2004-20231215-en
Malware Config
Targets
Score: 7/10
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
Suspicious use of NtSetInformationThreadHideFromDebugger