General
-
Target
7f48100d14406803976f8a93f382755c39f2b8bc35257b6b644f04258ba3253d
-
Size
5.4MB
-
Sample
240526-j39qaaca9x
-
MD5
13f672877739b434f848bacb376c8780
-
SHA1
6675668f41160353be4d5abe3d9786d8fe115979
-
SHA256
7f48100d14406803976f8a93f382755c39f2b8bc35257b6b644f04258ba3253d
-
SHA512
5b39f3ec1a38fba61d30318c5312aa37258d8c785bd8d620e4f57d89a24cfbbde144c3622770d79b862f13b92dd28b568780ea67e33991019de91ecd753038ed
-
SSDEEP
98304:LJYCxmskqL8/zQG9x/MWp+viojvF0cW7Gbl7bWF+HQlV8Tb5ewf:LJYCFjCz+vzF0cWi576FYQYX5nf
Behavioral task
behavioral1
Sample
7f48100d14406803976f8a93f382755c39f2b8bc35257b6b644f04258ba3253d.exe
Resource
win7-20240508-en
Malware Config
Targets
-
-
Target
7f48100d14406803976f8a93f382755c39f2b8bc35257b6b644f04258ba3253d
-
Detect Blackmoon payload
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-