General
-
Target
d1e1766714d0540fcdaafd3543859d20
-
Size
196KB
-
Sample
240317-z2lvtsgg8x
-
MD5
d1e1766714d0540fcdaafd3543859d20
-
SHA1
90460c3157dc9bd7477f14cdc65b2d329a318ac5
-
SHA256
746e7555903a18e3db00fedd0db8d402ab0b23a87340a2a3ea3ca15fc8c312f7
-
SHA512
400710ce9b3bf08feaafa115d87eebd216972221411d2d744c35548c787100654f69ae4f536ceb0976a94b6cd89ac06ffe415fda12b6a99f4d9eda9cee1dae13
-
SSDEEP
3072:UHT1KEWjl+V+GRwUO8OxVLGYLpYcZcy9K:UH3WR3GRwcOxUZcZT
Static task
static1
Behavioral task
behavioral1
Sample
d1e1766714d0540fcdaafd3543859d20.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
d1e1766714d0540fcdaafd3543859d20.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
Score
7/10
-
Executes dropped EXE
-
Adds Run key to start application
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of SetThreadContext
-