General
Target: Guess.exe
Size: 118KB
Sample: 240420-n21hfagg31
MD5: a4a72f6f847a97c6827fb2c14c2e5aac
SHA1: 7a516e225397c7e3929e6930163dd6a2a748b056
SHA256: 63f4a4b367edd742486de711afd2bac8d87e0357ea3cff3171c46705bb75a16c
SHA512: 61490e0d7fd27ce5c0eda21fb8339762b9ecefa2e8c419dbbe4a0bca765e5d75425c6311916de74983bde5a7b12d7fe10a42ed7390157cb054bb1622a567f9c5
SSDEEP: 1536:RIkxWPP1B4/XgAgsCHDPJmxvWhygM5z8lrSI+2A2arufN1jkgpPTIyUF:R9sH1B4/tC4xhowuAO4F
Static task: static1
Behavioral task: behavioral1
Sample: Guess.exe
Resource: win11-20240412-en
Malware Config
Targets
Target: Guess.exe
Score: 8/10
- Downloads MZ/PE file
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.