General
-
Target
5ead71459501e8c5c2068e0149b026bf7ba9b045da0d0de23616401cfb58c4d8
-
Size
4.3MB
-
Sample
240630-pkby7a1cpl
-
MD5
fe91ab55542f1446f7798a979b6406e5
-
SHA1
806851d741210b25aa085806efd6380a830f4905
-
SHA256
5ead71459501e8c5c2068e0149b026bf7ba9b045da0d0de23616401cfb58c4d8
-
SHA512
4b11b60438280283c1a2b1b856a92558a0d6c501f749f56f267d3cad76e6af4ea863957afb29981a6d578458ad711f8d886834d07caa8e3af800f23db746255a
-
SSDEEP
49152:4GJG+5spujVZ5c4TS03jEvyfrV0RMXEvaOhtlWfD85ImBkCoNZzykP/:npsuZrv8yfrVhXE/htlv5BBNoNty+/
Malware Config
Targets
-
-
Target
5ead71459501e8c5c2068e0149b026bf7ba9b045da0d0de23616401cfb58c4d8
-
Size
4.3MB
-
MD5
fe91ab55542f1446f7798a979b6406e5
-
SHA1
806851d741210b25aa085806efd6380a830f4905
-
SHA256
5ead71459501e8c5c2068e0149b026bf7ba9b045da0d0de23616401cfb58c4d8
-
SHA512
4b11b60438280283c1a2b1b856a92558a0d6c501f749f56f267d3cad76e6af4ea863957afb29981a6d578458ad711f8d886834d07caa8e3af800f23db746255a
-
SSDEEP
49152:4GJG+5spujVZ5c4TS03jEvyfrV0RMXEvaOhtlWfD85ImBkCoNZzykP/:npsuZrv8yfrVhXE/htlv5BBNoNty+/
Score6/10-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-