General

  • Target: evidencias_sorvologaunt.7z
  • Size: 829.8MB
  • Sample: 230531-wx7d7agh78
  • MD5: 130decf0165501e8e53148035b057bd5
  • SHA1: a3358d79b6b24bd2afb5267a6bbe8672fd0613b6
  • SHA256: 6c22662a21bcaf8b65b581982cd5e6f91448a01d6cf94ff13d3ba4b87ae97d25
  • SHA512: a93b62ae9abace52b3bc9706a0ddce958489f82c044c8050b297393c513d82353c6d2e8e76c30903c3d61bdedbe6adcfa05173fc2bb2a34287624f27ac44c002
  • SSDEEP: 25165824:/Ul/xZ7kQbLn8+c3f71eo4/VmC/kl7yl+ed99/fHks+C:8p7AQXy7x4/sDo1VfES

Score: 10/10

Malware Config

Extracted

  • Language: ps1
  • Source: URLs
  • exe.dropper: https://cem.services.microsoft.com/v2.0/products/Troubleshooter-WindowsUpdate/errors/Unknown/message

Targets

  • Target: Windows/Boot/$I30
    Size: 4KB
    MD5: f2407ab2625d84a29ba851ff998385bf
    SHA1: 3d461221b77a28cbaff9bba60ce21c4a2afc70c7
    SHA256: 39ae3c54e631c6798d14a964f4d1a7bd730d431cb71caad0c72cdede837a53d9
    SHA512: cf985425c0f529510640564fd0f562a28da0bf7594772ab825d914dd270acb8fb084a11dfad000919027aa6443843205fea7e95c3023f0cd7140448daef661dd
    Score: 1/10

  • Target: Windows/Boot/BootDebuggerFiles.ini
    Size: 91B
    MD5: 884885cd0abca482c4d65431b460cce8
    SHA1: ce2e7e11ba4f91497078f46b5dea00aabd310d49
    SHA256: a2b580321650a9e249e253eff90096981876323fbbccd0436af173ad6759b3a1
    SHA512: 2404a88cfeb38fdc9910f362a8afb4e7f1bedc7eda8957d985cf5e4aa6e46527a4a01a7cb143b332a1e61c4c41a471d0721622e7f66985eb935a13220553d4f7
    Score: 1/10

  • Target: Windows/Boot/DVD/EFI/BCD
    Size: 16KB
    MD5: c40d6d0407a253f0bfee1ba6cf7381bc
    SHA1: 727f2995fb9740cf57ca51cd1697f819ffde3cd3
    SHA256: bff472748d463452679b3912c6e3317c23f310fc60d580c988f00237f2ab157f
    SHA512: a8aa5dc00acd306986638a2ab8fa174b1b167c5df95484a58bf61b36147be9e4ed2751eef1d0be13cf31f77b04bcf5e64e70524889faac98901202ea1680b1b9
    SSDEEP: 192:TLtEOHTQlKWZu4NjBp606loecfx/5HfOLB6wm7QwucNcGVgw:TLtEOHqRVIVpoh5/Ss9Ewv
    Score: 1/10

  • Target: Windows/Boot/DVD/EFI/boot.sdi
    Size: 3.0MB
    MD5: 22d9945b4aae36dd59620a918f2e65f4
    SHA1: bb025cedca07887916c4b7e5fa7a641ed3e30c14
    SHA256: cd2c00ce027687ce4a8bdc967f26a8ab82f651c9becd703658ba282ec49702bd
    SHA512: dd2d0ea7d5cf98064838ce0b74711f77534e1a2a14c7f74d44ed4b83acdb6f413d74671d2c6a8574aee88afb456b53a6b8452419a3bdddf2f7e9095c9d1d272e
    SSDEEP: 3072:S/pcj53vs/InbrTIHvPnHmC5irUuMo/+ncoZZihnh:acRn7y/EouH/cpi
    Score: 3/10

  • Target: Windows/Boot/DVD/EFI/en-US/efisys.bin
    Size: 1.4MB
    MD5: 11a1dbc6ca6863bc889114636d979fb5
    SHA1: d45c4643e5ed3f8922c0ed99f31194e4b9e4612e
    SHA256: 8945d88d65809d2555c50c40a736b6f32added33d09df2d18ca0e40098b52e03
    SHA512: 4dd402389301986332d4419717d92f5b5417a3f5e0373ef4cac75253a58abf00e6c7d9e9d6b7844a4f58b1925fe9827b0f11cd460313a79f8d41f48f99af2334
    SSDEEP: 24576:jYDb1GLdr7ecbtUgPUX53cizXxgnaSJ0jPmRoIdQ:Zldb2CU2ijdLmu
    Score: 3/10

  • Target: Windows/Boot/DVD/EFI/en-US/efisys_noprompt.bin
    Size: 1.4MB
    MD5: d0f30c2942960dfce0e90efb382385cf
    SHA1: 23e897410c65b06cdfa4a166bc8929d8ee796243
    SHA256: 9efc728c4724ade5ee477f4c73b97bd1bc3fe05a2bedb1f435f908d5c7ba908e
    SHA512: b6cb5b6e6bb88f59ce3a03fcdeeb5f1fae68b09b1adbf6780d4ed17b57b987554ce621fd5f91ba4e06859572740bdb1c681e755d34d1899eae35266227614863
    SSDEEP: 24576:lRjbjmGfDjGbQD9u3G1WZGsR1BTl6XlzPmdoIK:uMeQZcG5sRT+lbm6Z
    Score: 3/10

  • Target: Windows/Boot/DVD/PCAT/BCD
    Size: 16KB
    MD5: 2e606663ad052407e303e6b07330c23f
    SHA1: 11813ada097698cf3dbca4b2cb71c915a1c86be5
    SHA256: 163271449a0e8e108b9e78b04d732191d9bb6d556bf2bc0ce8a4cd56b84fcc3c
    SHA512: 2a82ee1902c344c67df6ae5b8352be0756a1aa9a8ecff90d6e431407868738ffc0d4c843477e57af3375fcbcd9eeb3fc3f42774576ccd597f6b0f06aec7e12a0
    SSDEEP: 384:UiM+evQr/FWmjxdpLCuktEFnK83zP4eyZq9HNeUEKPMS6SrLdYKL7CKXFq5ndC:Uer/FWmjxdpLCuktEFnK83zP4eyZq9Hw
    Score: 1/10

  • Target: Windows/Boot/DVD/PCAT/boot.sdi
    Size: 3.0MB
    MD5: 22d9945b4aae36dd59620a918f2e65f4
    SHA1: bb025cedca07887916c4b7e5fa7a641ed3e30c14
    SHA256: cd2c00ce027687ce4a8bdc967f26a8ab82f651c9becd703658ba282ec49702bd
    SHA512: dd2d0ea7d5cf98064838ce0b74711f77534e1a2a14c7f74d44ed4b83acdb6f413d74671d2c6a8574aee88afb456b53a6b8452419a3bdddf2f7e9095c9d1d272e
    SSDEEP: 3072:S/pcj53vs/InbrTIHvPnHmC5irUuMo/+ncoZZihnh:acRn7y/EouH/cpi
    Score: 3/10

  • Target: Windows/Boot/DVD/PCAT/es-ES/bootfix.bin
    Size: 1024B
    MD5: 0a6649b9bcc1dddb472f5164b389f814
    SHA1: 5aeb4adb929629b2e8a2866001873e8a1f14cdbc
    SHA256: c7d887a06c04e167f774f3c3b7abece896beb058a8f8769bdb566544a3cf34b7
    SHA512: 67fc3a7774c3c290548acefa25f3005fa18f739bd37d8bf965de536cadabfb96c194daaa4835fd820a781000b0fdb6384e7f3d89b37eaebcb7327f635e060f34
    Score: 3/10

  • Target: Windows/Boot/EFI/$I30
    Size: 8KB
    MD5: 974a279b883a7307d994e46d23b2ab00
    SHA1: 7502c4f08c3744ce5f90756db935a085c6f3ab65
    SHA256: ba97592f777769c76a37a6e1bf8811d37e53749ca7baf55f78b90f1ccc31bea6
    SHA512: 98de65f64ffb1a1c9aff92e8e13404279050ca127bee6d06025a85cdb88769c23f10b608226256ef5b582d3faa0a8c86bdece68335e5753982a462b5d92dc5b2
    SSDEEP: 96:kl0DECtRLBJ1gd1p/CS/CYb/Cg/Cl/CA/r/CH/C/P/CAFWzZ2qVx:jtRLBQdmFWzEqVx
    Score: 1/10

  • Target: Windows/ImmersiveControlPanel/images/logo.contrast-black_scale-125.png
    Size: 529B
    MD5: d903610906a2659153603646ee45caf4
    SHA1: 743539d615de7b7765e8564cb1d95239f907578c
    SHA256: b4aa48581115b7eeb4a4e8462e9f476b279be5b7cec888d0c0148bf071eec802
    SHA512: a78cd6e128983121adb8863f6a64a3ecb04ac26e31245a8f142401705c79e45fcd1bdc9ec52793e83135e2ded6eb4c97f2191679705e306e4f5c6ebf7fe01ecf
    Score: 3/10

  • Target: Windows/ImmersiveControlPanel/images/logo.contrast-black_scale-150.png
    Size: 612B
    MD5: 8a15c7a953696c5af24f2fe99fabfeed
    SHA1: f5a3cf472b7c4caf20416c6f64ba360dac6d0888
    SHA256: 98cf27b7844af345897c1ba2a0e698e13cc69c731fb7394c35c8207b239c48ee
    SHA512: 83921c4790cfaddbe6aea1dff9b4cd859adc4743b2db22bc984ad0dd14963f181cdc25b0d72b0167b7df67fc56826e2ce72a3cb34c0be84fc386e5757a32f05b
    Score: 3/10

  • Target: Windows/ImmersiveControlPanel/images/logo.contrast-black_scale-200.png
    Size: 791B
    MD5: c0e7a4269a9216e910813a7a657541eb
    SHA1: 20b69f992ef734ed598b959d1d153c1629204aed
    SHA256: 6743a2b51691b6d7b9b2db123a5f2f98d1119a35b51cb0d9c0759419d1cbd30f
    SHA512: 95c3c7df44385a9d633be81e9ceec411b8a12d69cf6e0fa0b834f79b2cc1c967841ba86d95e84bb3441c08664c9495464fb5697f83b00e88fd7277f268fe1eb2
    Score: 3/10

  • Target: Windows/ImmersiveControlPanel/images/logo.contrast-black_scale-400.png
    Size: 2KB
    MD5: 294326727e9b99e520ea00704fbe5daa
    SHA1: 5dec77cf66425ff50a245f634bc47296c0f7d492
    SHA256: fc2c7e923f88cff44f641227d066af84fce7b3f3bef7a7775363f0961a7c1c28
    SHA512: 27f49ae671d905711f9394e42eb681ef2950bee66d8cea6ca352294c31896e17a762d28286eec6986df36c1198d5d71a523ac8d3b1df685cb626f959c65a1a6d
    Score: 3/10

  • Target: Windows/ImmersiveControlPanel/images/logo.contrast-white.png
    Size: 406B
    MD5: 2607fb627718e227c1480de1a51fd683
    SHA1: 75a0f9419e0ce36640ba9ef16b02c56dc8ca2f4e
    SHA256: 4f59a6f813387f2e47fb6910ef7716a06b50cd2ba3a661bcf17181de1312831f
    SHA512: 2dc4f4e52a308c15c1559d18aafd06e92255a735b65f599d6cf2019339508ed5ac9eef98669ce6c7e6915c53c71daaa8764b4b984813f4d35781ac3d24702ccc
    Score: 3/10

  • Target: Windows/ImmersiveControlPanel/images/logo.contrast-white_scale-100.png
    Size: 406B
    MD5: 2607fb627718e227c1480de1a51fd683
    SHA1: 75a0f9419e0ce36640ba9ef16b02c56dc8ca2f4e
    SHA256: 4f59a6f813387f2e47fb6910ef7716a06b50cd2ba3a661bcf17181de1312831f
    SHA512: 2dc4f4e52a308c15c1559d18aafd06e92255a735b65f599d6cf2019339508ed5ac9eef98669ce6c7e6915c53c71daaa8764b4b984813f4d35781ac3d24702ccc
    Score: 3/10

MITRE ATT&CK Matrix (ATT&CK v6)

  • Discovery: System Information Discovery, T1082 (11)
