General

  • Target

    9fb1fdd0bce290c381871d44168a89a7b4fdaa494d3c9698b6b71cf34754eb59

  • Size

    633KB

  • Sample

    221003-hdjxwsdben

  • MD5

    3bf12b0c22b74b6872cfd1173407dce3

  • SHA1

    28da93920f4ead65f84acd428652764ddc8b257e

  • SHA256

    9fb1fdd0bce290c381871d44168a89a7b4fdaa494d3c9698b6b71cf34754eb59

  • SHA512

    2580f87caa816a8fb9eebe4b31e5658cd588ae60f7856f697002829a5c7f3c44503def39330ebd3f65b1e6506792616b0d084a06593c7f0eafb33706f3f2657b

  • SSDEEP

    12288:hKr6SBsPOq2WGhQDtGIYA3DugBIWDwLDFRB:IPYP2WGaDtjYkufLDFP

Malware Config

Targets

    • Modifies visibility of hidden/system files in Explorer

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v6

Tasks