General
-
Target
35fba4ae966fe12c1b9c5dfdcc5b69c2991a412a0f1e5774118e172dbd40ad6e.exe
-
Size
813KB
-
Sample
240522-zd8dxsfg75
-
MD5
8a35b10f431e16c1a30d5c837df343e5
-
SHA1
8f52cbf4905d0e1fa88d603cb02785107f6c06b8
-
SHA256
35fba4ae966fe12c1b9c5dfdcc5b69c2991a412a0f1e5774118e172dbd40ad6e
-
SHA512
992392f63e84921ad9aa1cd42a9fe4bd55b305825a54fd9036ae468dacc8e6b11bfcebd8bfea90c02a6d62ec4bc7f3bdebd528b48d33d2f3d3640b533d8ab468
-
SSDEEP
12288:XHboTxwbed/QIA8Em9D+7m5BXIz1xYCp6IEJ9eHyg6EtF9/wDfbGRS:38TFQBe9QzgC6PcBdT/wzkS
Malware Config
Targets
-
-
Target
35fba4ae966fe12c1b9c5dfdcc5b69c2991a412a0f1e5774118e172dbd40ad6e.exe
-
Size
813KB
-
MD5
8a35b10f431e16c1a30d5c837df343e5
-
SHA1
8f52cbf4905d0e1fa88d603cb02785107f6c06b8
-
SHA256
35fba4ae966fe12c1b9c5dfdcc5b69c2991a412a0f1e5774118e172dbd40ad6e
-
SHA512
992392f63e84921ad9aa1cd42a9fe4bd55b305825a54fd9036ae468dacc8e6b11bfcebd8bfea90c02a6d62ec4bc7f3bdebd528b48d33d2f3d3640b533d8ab468
-
SSDEEP
12288:XHboTxwbed/QIA8Em9D+7m5BXIz1xYCp6IEJ9eHyg6EtF9/wDfbGRS:38TFQBe9QzgC6PcBdT/wzkS
Score8/10-
Downloads MZ/PE file
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Legitimate hosting services abused for malware hosting/C2
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of SetThreadContext
-