General
-
Target
e98803898b88423e0242f26a0a8fd7d818f6d904121029043e36ab0b85371469
-
Size
14.6MB
-
Sample
240525-t62h7aag6z
-
MD5
4196bc174780a4e3705f6d290842916e
-
SHA1
d22c571de11bded50f2c982f059aac5cdc0b1863
-
SHA256
e98803898b88423e0242f26a0a8fd7d818f6d904121029043e36ab0b85371469
-
SHA512
d2ffa7a13f5bc1b6d6bed97cb1d0b435414e5be92abdfc810ed58a0468fe2117722290195d2ff8a5bcf566fb945270b11d94dbc3d83e0aa7f10433367082d931
-
SSDEEP
393216:MH0sOk7QX96YWIiFFUdniVjOSr/lxCQ8ZCd:K0sLO6YWIiFFU4jOSiQ8Zy
Static task
static1
Behavioral task
behavioral1
Sample
e98803898b88423e0242f26a0a8fd7d818f6d904121029043e36ab0b85371469.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
e98803898b88423e0242f26a0a8fd7d818f6d904121029043e36ab0b85371469.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
e98803898b88423e0242f26a0a8fd7d818f6d904121029043e36ab0b85371469
-
Size
14.6MB
-
MD5
4196bc174780a4e3705f6d290842916e
-
SHA1
d22c571de11bded50f2c982f059aac5cdc0b1863
-
SHA256
e98803898b88423e0242f26a0a8fd7d818f6d904121029043e36ab0b85371469
-
SHA512
d2ffa7a13f5bc1b6d6bed97cb1d0b435414e5be92abdfc810ed58a0468fe2117722290195d2ff8a5bcf566fb945270b11d94dbc3d83e0aa7f10433367082d931
-
SSDEEP
393216:MH0sOk7QX96YWIiFFUdniVjOSr/lxCQ8ZCd:K0sLO6YWIiFFU4jOSiQ8Zy
Score7/10-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-