General

  • Target

    ffb64ef4866b22c5ec4c2d2e0723e365

  • Size

    88KB

  • Sample

    231228-3dwxnseda7

  • MD5

    ffb64ef4866b22c5ec4c2d2e0723e365

  • SHA1

    8cf835f75bc0924d8a9fa18669a5f4ae5444572e

  • SHA256

    76062acf12e6bf5006a5987db3169f57a63199c2d5f4eb30cb77c4744701830f

  • SHA512

    ab064ed19a8c44222958e8a447d1df831dccd181266de001dd639ddad9005d046aed3859f8fecdb864f2e9433a6a1f0557a80e3135fbd5c348e1dc674c1b9189

  • SSDEEP

    1536:dXNXdlRH+Dwk4cSGesvhC8plnQ85+HwClgfTQqPTFTCtOQ8CcfiO:ddtlRH+UxGzh3HQ85+QqoTBfiO

Targets

    • Target

      ffb64ef4866b22c5ec4c2d2e0723e365

    • Executes dropped EXE

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
