General
Target: iQ3.exe
Size: 12.1MB
Sample: 240519-137z5ach5s
MD5: 471b3fd7a64252013bc26a4c6139583f
SHA1: 99b15cd8fda0272cc83567522ea7cff446a76ae9
SHA256: d53c0a8e0297da596435e5026179af97b63182a19d6ec9bab7a7f197b30bbade
SHA512: f412b7115d3235c532ae3943c5ec0ac903d868dfee2e017127942b51799cb9ad38b7a0d1e5a0b6bfccf4cf3227f4c773cd5618c6b175fc66704cbcc5ef7f1801
SSDEEP: 196608:xZr6oAzu2g1DqWSAeMkLDcBt53aX31GKtzYq3HyT/grVyuw4V:zrDAzMDqW2dmuX31hhXyT/Sx
Behavioral task: behavioral1
Sample: iQ3.exe
Resource: win7-20240221-en
Malware Config
Targets
Target: iQ3.exe
Detect Blackmoon payload
Loads dropped DLL
Writes to the Master Boot Record (MBR): Bootkits write to the MBR to gain persistence at a level below the operating system.
Suspicious use of NtSetInformationThreadHideFromDebugger