Overview

overview

7

Static

static

3

HDTunePro5.5.exe

windows7-x64

7

HDTunePro5.5.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    HDTunePro5.5.exe

  • Size

    643KB

  • Sample

    230719-lrlv7ace7w

  • MD5

    33cdb6726b3201807b4f111e9f1deda3

  • SHA1

    e5bcbbdd1d3637ebba3fd2b67a75c0db93252fc5

  • SHA256

    5a549502964ba6fc1847b65745f97e6bcb1d8f9d9c3939f39359fa725ce8f3f7

  • SHA512

    6964ecf6e6fdbfbb2c0d2009ec4fbbfe4b2b08dc60c9a5c67a791a723ebe7cacc80895be9d8ef19e5edb540a300526bdf82b902b26947f7dd3ba5c649248895e

  • SSDEEP

    12288:CBltMukdAQYB/H3ePjpawfT/te8l5lumGOX5c1ilaVC:CBrM1dw/HOowLN5lqON4VC

Score
7/10
bootkitpersistence

Malware Config

Targets

    • Target

      HDTunePro5.5.exe

    • Size

      643KB

    • MD5

      33cdb6726b3201807b4f111e9f1deda3

    • SHA1

      e5bcbbdd1d3637ebba3fd2b67a75c0db93252fc5

    • SHA256

      5a549502964ba6fc1847b65745f97e6bcb1d8f9d9c3939f39359fa725ce8f3f7

    • SHA512

      6964ecf6e6fdbfbb2c0d2009ec4fbbfe4b2b08dc60c9a5c67a791a723ebe7cacc80895be9d8ef19e5edb540a300526bdf82b902b26947f7dd3ba5c649248895e

    • SSDEEP

      12288:CBltMukdAQYB/H3ePjpawfT/te8l5lumGOX5c1ilaVC:CBrM1dw/HOowLN5lqON4VC

    Score
    7/10
    bootkitpersistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks