General
-
Target
https://github.com/pankoza2-pl/salinewin.exe-Malware/commit/551397166ce887cb59f7c27a25f4c819154064b7#diff-435ae535a9504830f325f84416607094945443192acf5ae7a2997d961d03fc4d
-
Sample
241109-ss7bvaxclk
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
https://github.com/pankoza2-pl/salinewin.exe-Malware/commit/551397166ce887cb59f7c27a25f4c819154064b7#diff-435ae535a9504830f325f84416607094945443192acf5ae7a2997d961d03fc4d
Resource
win10ltsc2021-20241023-en
Malware Config
Targets
-
-
Target
https://github.com/pankoza2-pl/salinewin.exe-Malware/commit/551397166ce887cb59f7c27a25f4c819154064b7#diff-435ae535a9504830f325f84416607094945443192acf5ae7a2997d961d03fc4d
Score8/10-
Downloads MZ/PE file
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-