General
-
Target
fdad7739899cd8df4f85ef3b756a91df307127b1725762ae37109220e1ad5f43
-
Size
5.4MB
-
Sample
240526-lczthaec75
-
MD5
b4dc5887b91d688df506e1fd272a0d1c
-
SHA1
bf07fb6ca99090ee51d9b0761737b5733d509ee8
-
SHA256
fdad7739899cd8df4f85ef3b756a91df307127b1725762ae37109220e1ad5f43
-
SHA512
3c38ecb24f8f7b49c782fbc99f4d6570d0f065697640d6e6ee7d3bf4296d994caf213cbaadbb2394f49261c6784afe83b516fbebc4952b05f61f1b7dfa6b1219
-
SSDEEP
98304:bJYCxmskqL8/zQG3xxUgpHj5CndaYxGR03x7HnzzBeqTVrYp:bJYCFjU/pD5CndgKxbXRYp
Behavioral task
behavioral1
Sample
fdad7739899cd8df4f85ef3b756a91df307127b1725762ae37109220e1ad5f43.exe
Resource
win7-20240508-en
Malware Config
Targets
-
-
Target
fdad7739899cd8df4f85ef3b756a91df307127b1725762ae37109220e1ad5f43
-
Detect Blackmoon payload
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-