General
-
Target
6608faec9566113c149bea5df8e21fabfce6bd402004021634707058387cf7a7
-
Size
3.4MB
-
Sample
240524-d37m2abe77
-
MD5
06029314ebd4a4f3cdfe4df3d4c6a5ec
-
SHA1
9b04170a801c78c98ba6f1e84621f09b58bda798
-
SHA256
6608faec9566113c149bea5df8e21fabfce6bd402004021634707058387cf7a7
-
SHA512
3ff6c088a2e7df81398bde9d7a6fa3ad2200b616771b94e15c9bad07241f76366be1cef463f8696cf6d329dcbad6e272db3eb085715f7d5b199a630b78ddf3b8
-
SSDEEP
12288:6CKeGGfG6udZpIcJPQLGCQaOHbOceDg6frUgVBy9:6CKeGG8dZ/QiuOCcQg6DUgVE9
Static task
static1
Behavioral task
behavioral1
Sample
6608faec9566113c149bea5df8e21fabfce6bd402004021634707058387cf7a7.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
6608faec9566113c149bea5df8e21fabfce6bd402004021634707058387cf7a7.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
6608faec9566113c149bea5df8e21fabfce6bd402004021634707058387cf7a7
-
Score
7/10
-
Loads dropped DLL
-
Checks for any installed AV software in registry
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-