General
Target: sumthin.exe
Size: 2.9MB
Sample: 230406-ffe1lsbd67
MD5: 194581131c0fd49fc8c91b0af260943a
SHA1: 6b34925aa2892011aad7f72e167dbac966bf6e39
SHA256: 05ea5a2c58c71d1b554a0582117ef31b9bd7f9b83d21f4dcf19b3d6e94b4cc58
SHA512: cf805a1ef9fa1b199e98c684d217a66c9ab79b476e9498353fa8b8640eaf5ee67d477f15dd25291796668239c43fafc11a6109b646ae778c1149397e17bcc641
SSDEEP: 49152:CG8VnqJRx8uIHCDch7UPBltq9b9fr+ZqleaNpM/OFX8qE4xq5mCfu1pYhec7bO3:DsnqvIHC+7Szq9bQ2KqE4xq5mGApYhtW
Static task: static1
Behavioral task: behavioral1
  Sample: sumthin.exe
  Resource: win7-20230220-en
Behavioral task: behavioral2
  Sample: sumthin.exe
  Resource: win10v2004-20230220-en
Malware Config
Targets
Target: sumthin.exe
Score: 7/10
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Writes to the Master Boot Record (MBR): bootkits write to the MBR to gain persistence at a level below the operating system.