General
Target: fdbf63664b25985ec6399161526ad726e2421f4815447602e6af3007608a3799
Size: 2.4MB
Sample: 240525-vq3a8aca28
MD5: d40a04430e6b2ed6bc7754f3dfc91756
SHA1: eda2c74a26b50808a56dd23b285bd1c95d1bf7d4
SHA256: fdbf63664b25985ec6399161526ad726e2421f4815447602e6af3007608a3799
SHA512: f2cd37805c6f59cb5ffb295ffb56ba502af8939a9564391fb001aefa84e6cc53d8e762bb72c2548a938d7094db036cdf81ed577a87bfeeab2a8a6c0478713c94
SSDEEP: 49152:JoNgRf9tTkvqHWzKVcBd6o6nt2rK09G4lyo0ZacSiLUswRI/CIJc:J+Qf7cqA0bt2rK09cohiLUbQJJc
Static task: static1
Behavioral task: behavioral1
Sample: fdbf63664b25985ec6399161526ad726e2421f4815447602e6af3007608a3799.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: fdbf63664b25985ec6399161526ad726e2421f4815447602e6af3007608a3799.exe
Resource: win10v2004-20240426-en
Malware Config
Targets
Target: fdbf63664b25985ec6399161526ad726e2421f4815447602e6af3007608a3799
Score: 6/10
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
Suspicious use of NtSetInformationThreadHideFromDebugger