General
-
Target
ef6381d0284eb9a794e723f8c72b8a6fa667d7dc99960c0fe34604d494197ed0
-
Size
5.5MB
-
Sample
240524-dje4nsah85
-
MD5
48fafe2ff2320b6862f9ad15d9dd4a7e
-
SHA1
49c50aed816730a6c3fc8e64653a672a0c28958f
-
SHA256
ef6381d0284eb9a794e723f8c72b8a6fa667d7dc99960c0fe34604d494197ed0
-
SHA512
34297c9a0993bddd8934d3f08e7f7833c0d209fb2c3bdf4aec57579ba33ac15933c7830608ee1de0a75954ba3f893c3fdfb80204992b930dd2519169c4c41310
-
SSDEEP
98304:gJYCxmskqL8/zQGsxzUIdKBAut9LadEShfbP3QYgKzs6LGN/HpT/VV:gJYCFjBBolmdEiAY9zs6+pbVV
Behavioral task
behavioral1
Sample
ef6381d0284eb9a794e723f8c72b8a6fa667d7dc99960c0fe34604d494197ed0.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
ef6381d0284eb9a794e723f8c72b8a6fa667d7dc99960c0fe34604d494197ed0
-
Detect Blackmoon payload
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-