Overview
Static: 10
General
Target: evidencias_sorvologaunt.7z
Size: 829.8MB
Sample: 230531-wx7d7agh78
MD5: 130decf0165501e8e53148035b057bd5
SHA1: a3358d79b6b24bd2afb5267a6bbe8672fd0613b6
SHA256: 6c22662a21bcaf8b65b581982cd5e6f91448a01d6cf94ff13d3ba4b87ae97d25
SHA512: a93b62ae9abace52b3bc9706a0ddce958489f82c044c8050b297393c513d82353c6d2e8e76c30903c3d61bdedbe6adcfa05173fc2bb2a34287624f27ac44c002
SSDEEP: 25165824:/Ul/xZ7kQbLn8+c3f71eo4/VmC/kl7yl+ed99/fHks+C:8p7AQXy7x4/sDo1VfES
Behavioral tasks
behavioral1: Windows/Boot/$I30 (resource: win7-20230220-en)
behavioral2: Windows/Boot/$I30 (resource: win10v2004-20230220-en)
behavioral3: Windows/Boot/BootDebuggerFiles.ini (resource: win7-20230220-en)
behavioral4: Windows/Boot/BootDebuggerFiles.ini (resource: win10v2004-20230220-en)
behavioral5: Windows/Boot/DVD/EFI/BCD (resource: win7-20230220-en)
behavioral6: Windows/Boot/DVD/EFI/BCD (resource: win10v2004-20230220-en)
behavioral7: Windows/Boot/DVD/EFI/boot.sdi (resource: win7-20230220-en)
behavioral8: Windows/Boot/DVD/EFI/boot.sdi (resource: win10v2004-20230220-en)
behavioral9: Windows/Boot/DVD/EFI/en-US/efisys.bin (resource: win7-20230220-en)
behavioral10: Windows/Boot/DVD/EFI/en-US/efisys.bin (resource: win10v2004-20230220-en)
behavioral11: Windows/Boot/DVD/EFI/en-US/efisys_noprompt.bin (resource: win7-20230220-en)
behavioral12: Windows/Boot/DVD/EFI/en-US/efisys_noprompt.bin (resource: win10v2004-20230220-en)
behavioral13: Windows/Boot/DVD/PCAT/BCD (resource: win7-20230220-en)
behavioral14: Windows/Boot/DVD/PCAT/BCD (resource: win10v2004-20230221-en)
behavioral15: Windows/Boot/DVD/PCAT/boot.sdi (resource: win7-20230220-en)
behavioral16: Windows/Boot/DVD/PCAT/boot.sdi (resource: win10v2004-20230220-en)
behavioral17: Windows/Boot/DVD/PCAT/es-ES/bootfix.bin (resource: win7-20230220-en)
behavioral18: Windows/Boot/DVD/PCAT/es-ES/bootfix.bin (resource: win10v2004-20230220-en)
behavioral19: Windows/Boot/EFI/$I30 (resource: win7-20230220-en)
behavioral20: Windows/Boot/EFI/$I30 (resource: win10v2004-20230220-en)
behavioral21: Windows/ImmersiveControlPanel/images/logo.contrast-black_scale-125.png (resource: win7-20230220-en)
behavioral22: Windows/ImmersiveControlPanel/images/logo.contrast-black_scale-125.png (resource: win10v2004-20230220-en)
behavioral23: Windows/ImmersiveControlPanel/images/logo.contrast-black_scale-150.png (resource: win7-20230220-en)
behavioral24: Windows/ImmersiveControlPanel/images/logo.contrast-black_scale-150.png (resource: win10v2004-20230221-en)
behavioral25: Windows/ImmersiveControlPanel/images/logo.contrast-black_scale-200.png (resource: win7-20230220-en)
behavioral26: Windows/ImmersiveControlPanel/images/logo.contrast-black_scale-200.png (resource: win10v2004-20230220-en)
behavioral27: Windows/ImmersiveControlPanel/images/logo.contrast-black_scale-400.png (resource: win7-20230220-en)
behavioral28: Windows/ImmersiveControlPanel/images/logo.contrast-black_scale-400.png (resource: win10v2004-20230220-en)
behavioral29: Windows/ImmersiveControlPanel/images/logo.contrast-white.png (resource: win7-20230220-en)
behavioral30: Windows/ImmersiveControlPanel/images/logo.contrast-white.png (resource: win10v2004-20230220-en)
behavioral31: Windows/ImmersiveControlPanel/images/logo.contrast-white_scale-100.png (resource: win7-20230220-en)
behavioral32: Windows/ImmersiveControlPanel/images/logo.contrast-white_scale-100.png (resource: win10v2004-20230220-en)
Malware Config
Extracted: https://cem.services.microsoft.com/v2.0/products/Troubleshooter-WindowsUpdate/errors/Unknown/message
Targets

Target: Windows/Boot/$I30
Size: 4KB
MD5: f2407ab2625d84a29ba851ff998385bf
SHA1: 3d461221b77a28cbaff9bba60ce21c4a2afc70c7
SHA256: 39ae3c54e631c6798d14a964f4d1a7bd730d431cb71caad0c72cdede837a53d9
SHA512: cf985425c0f529510640564fd0f562a28da0bf7594772ab825d914dd270acb8fb084a11dfad000919027aa6443843205fea7e95c3023f0cd7140448daef661dd
Score: 1/10

Target: Windows/Boot/BootDebuggerFiles.ini
Size: 91B
MD5: 884885cd0abca482c4d65431b460cce8
SHA1: ce2e7e11ba4f91497078f46b5dea00aabd310d49
SHA256: a2b580321650a9e249e253eff90096981876323fbbccd0436af173ad6759b3a1
SHA512: 2404a88cfeb38fdc9910f362a8afb4e7f1bedc7eda8957d985cf5e4aa6e46527a4a01a7cb143b332a1e61c4c41a471d0721622e7f66985eb935a13220553d4f7
Score: 1/10

Target: Windows/Boot/DVD/EFI/BCD
Size: 16KB
MD5: c40d6d0407a253f0bfee1ba6cf7381bc
SHA1: 727f2995fb9740cf57ca51cd1697f819ffde3cd3
SHA256: bff472748d463452679b3912c6e3317c23f310fc60d580c988f00237f2ab157f
SHA512: a8aa5dc00acd306986638a2ab8fa174b1b167c5df95484a58bf61b36147be9e4ed2751eef1d0be13cf31f77b04bcf5e64e70524889faac98901202ea1680b1b9
SSDEEP: 192:TLtEOHTQlKWZu4NjBp606loecfx/5HfOLB6wm7QwucNcGVgw:TLtEOHqRVIVpoh5/Ss9Ewv
Score: 1/10

Target: Windows/Boot/DVD/EFI/boot.sdi
Size: 3.0MB
MD5: 22d9945b4aae36dd59620a918f2e65f4
SHA1: bb025cedca07887916c4b7e5fa7a641ed3e30c14
SHA256: cd2c00ce027687ce4a8bdc967f26a8ab82f651c9becd703658ba282ec49702bd
SHA512: dd2d0ea7d5cf98064838ce0b74711f77534e1a2a14c7f74d44ed4b83acdb6f413d74671d2c6a8574aee88afb456b53a6b8452419a3bdddf2f7e9095c9d1d272e
SSDEEP: 3072:S/pcj53vs/InbrTIHvPnHmC5irUuMo/+ncoZZihnh:acRn7y/EouH/cpi
Score: 3/10

Target: Windows/Boot/DVD/EFI/en-US/efisys.bin
Size: 1.4MB
MD5: 11a1dbc6ca6863bc889114636d979fb5
SHA1: d45c4643e5ed3f8922c0ed99f31194e4b9e4612e
SHA256: 8945d88d65809d2555c50c40a736b6f32added33d09df2d18ca0e40098b52e03
SHA512: 4dd402389301986332d4419717d92f5b5417a3f5e0373ef4cac75253a58abf00e6c7d9e9d6b7844a4f58b1925fe9827b0f11cd460313a79f8d41f48f99af2334
SSDEEP: 24576:jYDb1GLdr7ecbtUgPUX53cizXxgnaSJ0jPmRoIdQ:Zldb2CU2ijdLmu
Score: 3/10

Target: Windows/Boot/DVD/EFI/en-US/efisys_noprompt.bin
Size: 1.4MB
MD5: d0f30c2942960dfce0e90efb382385cf
SHA1: 23e897410c65b06cdfa4a166bc8929d8ee796243
SHA256: 9efc728c4724ade5ee477f4c73b97bd1bc3fe05a2bedb1f435f908d5c7ba908e
SHA512: b6cb5b6e6bb88f59ce3a03fcdeeb5f1fae68b09b1adbf6780d4ed17b57b987554ce621fd5f91ba4e06859572740bdb1c681e755d34d1899eae35266227614863
SSDEEP: 24576:lRjbjmGfDjGbQD9u3G1WZGsR1BTl6XlzPmdoIK:uMeQZcG5sRT+lbm6Z
Score: 3/10

Target: Windows/Boot/DVD/PCAT/BCD
Size: 16KB
MD5: 2e606663ad052407e303e6b07330c23f
SHA1: 11813ada097698cf3dbca4b2cb71c915a1c86be5
SHA256: 163271449a0e8e108b9e78b04d732191d9bb6d556bf2bc0ce8a4cd56b84fcc3c
SHA512: 2a82ee1902c344c67df6ae5b8352be0756a1aa9a8ecff90d6e431407868738ffc0d4c843477e57af3375fcbcd9eeb3fc3f42774576ccd597f6b0f06aec7e12a0
SSDEEP: 384:UiM+evQr/FWmjxdpLCuktEFnK83zP4eyZq9HNeUEKPMS6SrLdYKL7CKXFq5ndC:Uer/FWmjxdpLCuktEFnK83zP4eyZq9Hw
Score: 1/10

Target: Windows/Boot/DVD/PCAT/boot.sdi
Size: 3.0MB
MD5: 22d9945b4aae36dd59620a918f2e65f4
SHA1: bb025cedca07887916c4b7e5fa7a641ed3e30c14
SHA256: cd2c00ce027687ce4a8bdc967f26a8ab82f651c9becd703658ba282ec49702bd
SHA512: dd2d0ea7d5cf98064838ce0b74711f77534e1a2a14c7f74d44ed4b83acdb6f413d74671d2c6a8574aee88afb456b53a6b8452419a3bdddf2f7e9095c9d1d272e
SSDEEP: 3072:S/pcj53vs/InbrTIHvPnHmC5irUuMo/+ncoZZihnh:acRn7y/EouH/cpi
Score: 3/10

Target: Windows/Boot/DVD/PCAT/es-ES/bootfix.bin
Size: 1024B
MD5: 0a6649b9bcc1dddb472f5164b389f814
SHA1: 5aeb4adb929629b2e8a2866001873e8a1f14cdbc
SHA256: c7d887a06c04e167f774f3c3b7abece896beb058a8f8769bdb566544a3cf34b7
SHA512: 67fc3a7774c3c290548acefa25f3005fa18f739bd37d8bf965de536cadabfb96c194daaa4835fd820a781000b0fdb6384e7f3d89b37eaebcb7327f635e060f34
Score: 3/10

Target: Windows/Boot/EFI/$I30
Size: 8KB
MD5: 974a279b883a7307d994e46d23b2ab00
SHA1: 7502c4f08c3744ce5f90756db935a085c6f3ab65
SHA256: ba97592f777769c76a37a6e1bf8811d37e53749ca7baf55f78b90f1ccc31bea6
SHA512: 98de65f64ffb1a1c9aff92e8e13404279050ca127bee6d06025a85cdb88769c23f10b608226256ef5b582d3faa0a8c86bdece68335e5753982a462b5d92dc5b2
SSDEEP: 96:kl0DECtRLBJ1gd1p/CS/CYb/Cg/Cl/CA/r/CH/C/P/CAFWzZ2qVx:jtRLBQdmFWzEqVx
Score: 1/10

Target: Windows/ImmersiveControlPanel/images/logo.contrast-black_scale-125.png
Size: 529B
MD5: d903610906a2659153603646ee45caf4
SHA1: 743539d615de7b7765e8564cb1d95239f907578c
SHA256: b4aa48581115b7eeb4a4e8462e9f476b279be5b7cec888d0c0148bf071eec802
SHA512: a78cd6e128983121adb8863f6a64a3ecb04ac26e31245a8f142401705c79e45fcd1bdc9ec52793e83135e2ded6eb4c97f2191679705e306e4f5c6ebf7fe01ecf
Score: 3/10

Target: Windows/ImmersiveControlPanel/images/logo.contrast-black_scale-150.png
Size: 612B
MD5: 8a15c7a953696c5af24f2fe99fabfeed
SHA1: f5a3cf472b7c4caf20416c6f64ba360dac6d0888
SHA256: 98cf27b7844af345897c1ba2a0e698e13cc69c731fb7394c35c8207b239c48ee
SHA512: 83921c4790cfaddbe6aea1dff9b4cd859adc4743b2db22bc984ad0dd14963f181cdc25b0d72b0167b7df67fc56826e2ce72a3cb34c0be84fc386e5757a32f05b
Score: 3/10

Target: Windows/ImmersiveControlPanel/images/logo.contrast-black_scale-200.png
Size: 791B
MD5: c0e7a4269a9216e910813a7a657541eb
SHA1: 20b69f992ef734ed598b959d1d153c1629204aed
SHA256: 6743a2b51691b6d7b9b2db123a5f2f98d1119a35b51cb0d9c0759419d1cbd30f
SHA512: 95c3c7df44385a9d633be81e9ceec411b8a12d69cf6e0fa0b834f79b2cc1c967841ba86d95e84bb3441c08664c9495464fb5697f83b00e88fd7277f268fe1eb2
Score: 3/10

Target: Windows/ImmersiveControlPanel/images/logo.contrast-black_scale-400.png
Size: 2KB
MD5: 294326727e9b99e520ea00704fbe5daa
SHA1: 5dec77cf66425ff50a245f634bc47296c0f7d492
SHA256: fc2c7e923f88cff44f641227d066af84fce7b3f3bef7a7775363f0961a7c1c28
SHA512: 27f49ae671d905711f9394e42eb681ef2950bee66d8cea6ca352294c31896e17a762d28286eec6986df36c1198d5d71a523ac8d3b1df685cb626f959c65a1a6d
Score: 3/10

Target: Windows/ImmersiveControlPanel/images/logo.contrast-white.png
Size: 406B
MD5: 2607fb627718e227c1480de1a51fd683
SHA1: 75a0f9419e0ce36640ba9ef16b02c56dc8ca2f4e
SHA256: 4f59a6f813387f2e47fb6910ef7716a06b50cd2ba3a661bcf17181de1312831f
SHA512: 2dc4f4e52a308c15c1559d18aafd06e92255a735b65f599d6cf2019339508ed5ac9eef98669ce6c7e6915c53c71daaa8764b4b984813f4d35781ac3d24702ccc
Score: 3/10

Target: Windows/ImmersiveControlPanel/images/logo.contrast-white_scale-100.png
Size: 406B
MD5: 2607fb627718e227c1480de1a51fd683
SHA1: 75a0f9419e0ce36640ba9ef16b02c56dc8ca2f4e
SHA256: 4f59a6f813387f2e47fb6910ef7716a06b50cd2ba3a661bcf17181de1312831f
SHA512: 2dc4f4e52a308c15c1559d18aafd06e92255a735b65f599d6cf2019339508ed5ac9eef98669ce6c7e6915c53c71daaa8764b4b984813f4d35781ac3d24702ccc
Score: 3/10