General

  • Target: 63571552d75ae87103f927f7d44862c36ce9d3b48a796b4de93dc4f51db1e344
  • Size: 3.5MB
  • Sample: 240220-zb5v1sfb77
  • MD5: 622f68a3a566e5bed1af1a09f4ecc87d
  • SHA1: 67e380ae4782db2938dff93c69c0c99db13145d6
  • SHA256: 63571552d75ae87103f927f7d44862c36ce9d3b48a796b4de93dc4f51db1e344
  • SHA512: 788b2340e9d575085dfd51c76e698ad04913f9ed81eea34b6a51e3476d193c2ed6710113fcef203418a182ad00ca102fd22a9ade2c5fead2e9b73b0c66531635
  • SSDEEP: 49152:4hE/hGyc92Q4sGFilFT4IZi3O96wrhHHfT81CEhx+XOtWEbV/q5WVp4QHhmeZP5N:4hIhGOQw+Sgi32HHfImWQQrvrOoUqT

Malware Config

Extracted

Family

gozi

Targets

    Score
    7/10
    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks