45f63bf97c7e749875fd8eb87f4476e684ecefb511d173e8336ef889d1c905db | Triage

Submit
Reports

Overview

overview

7

Static

static

3

Pokemon Ur...er.exe

windows7-x64

7

Pokemon Ur...er.exe

windows10-2004-x64

7

Sharing

General

Target

Pokemon Uranium v1.2.5 Installer.exe
Size

268.4MB
Sample

230612-vytn2sdf7z
MD5

66c7cb220356b9bc9b85f4c110b02631
SHA1

003f31a708dda9446b9bd87b568d7ec36d7b06e5
SHA256

45f63bf97c7e749875fd8eb87f4476e684ecefb511d173e8336ef889d1c905db
SHA512

baab16f453151e842c0ce19e0a236825d38a3e102ce955b7d69ddee27cf8dd84bc32819cb3c0f0ba6f3b5ab84fc85b3b6fca69b278de752da49e143f3beee6ab
SSDEEP

6291456:3Od4PNbVT2xQf6XTi9+hbxJBw7wcH/zXwi3SYGEO4:edIVTAU+hbxJBYws/zXwvE7

Score

7^/10

aspackv2 bootkit discovery persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Pokemon Uranium v1.2.5 Installer.exe

Resource

win7-20230220-en

aspackv2 bootkit discovery persistence

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

Pokemon Uranium v1.2.5 Installer.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  Pokemon Uranium v1.2.5 Installer.exe
- Size
  
  268.4MB
- MD5
  
  66c7cb220356b9bc9b85f4c110b02631
- SHA1
  
  003f31a708dda9446b9bd87b568d7ec36d7b06e5
- SHA256
  
  45f63bf97c7e749875fd8eb87f4476e684ecefb511d173e8336ef889d1c905db
- SHA512
  
  baab16f453151e842c0ce19e0a236825d38a3e102ce955b7d69ddee27cf8dd84bc32819cb3c0f0ba6f3b5ab84fc85b3b6fca69b278de752da49e143f3beee6ab
- SSDEEP
  
  6291456:3Od4PNbVT2xQf6XTi9+hbxJBw7wcH/zXwi3SYGEO4:edIVTAU+hbxJBYws/zXwvE7
Score

7^/10

aspackv2 bootkit discovery persistence
- ASPack v2.12-2.42
  Detects executables packed with ASPack v2.12-2.42
  aspackv2
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops desktop.ini file(s)
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

aspackv2bootkitdiscoverypersistence

behavioral2

© 2018-2024

Terms | Privacy