General
Target: repack by xatab.exe
Size: 222KB
Sample: 210710-68sladrcsj
MD5: e2aaff3cf5f2b9fee6061eddf55620b9
SHA1: f780afcca44c836dc48619dece8374882521bbb1
SHA256: 90413227e6a42728248b5adf7c8930491a3ef2c7ec3b21d93f5da52a8f126f6d
SHA512: 8827152335018563b4091ed5aebac7d26ff0eae478a848eb8659c9fe9a4ffcd9599457587b3b4310253d85571fe385d3ac4499366e621326092be1b178039834
Static task
static1
Behavioral task
behavioral1
Sample
repack by xatab.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
repack by xatab.exe
Resource
win10v20210410
Malware Config
Extracted
C:\$Recycle.Bin\S-1-5-21-2513283230-931923277-594887482-1000\HOW TO DECRYPT FILES.txt
Targets
Score 10/10
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.