General

  • Target

    00b168b6ef815feb40a700c09a2019cf

  • Size

    12.3MB

  • Sample

    231224-rq9hraebbk

  • MD5

    00b168b6ef815feb40a700c09a2019cf

  • SHA1

    e210ee259e0c5342e4f9515f25799c3fecb0180d

  • SHA256

    068c354b7435fec4c6f6772516ca729f96178ebce5441590ff16340e53f32f35

  • SHA512

    49d03cfb5bc533dcda0a71d5a8355acaec11d4013c54fdcd480f55b0adf7caf1f9a363ddb97cc0d78b40c5640ad5f9ec8ea8b6f7ff463a61bb43218a4e094133

  • SSDEEP

    196608:mSaSz2IGIo0RUkBAOnLfvBcl1srEMVhOrswgaCPTql5yJFNTZtqZnoiUwK35g:Ild0rq4LfvBEKr5VoI3aeqUFNttqZodq

Targets

    • Target

      00b168b6ef815feb40a700c09a2019cf

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
