General
Target: cs16_snow_leopard.exe
Size: 376.8MB
Sample: 240223-rngpysah96
MD5: 15bc08a53230c2097b1fc23af3410fc4
SHA1: b5b567b30a70e650ed843aaaf161d0a59a2b9cfa
SHA256: 15b5cad187f1ad49c2d556e27eb035cf5ac47c82972542aba889a79f62057505
SHA512: a58397b31bcbaa1f438ff91b293554a23daf8db450286f6468043eb57a8aea3c9726eafb1c913d13792a2441239902c69a6397d9e5488f5c554e23f89e57ba68
SSDEEP: 6291456:Z6o1KCk0/CiMxXLL29bxarZ8LVl6T81DEt+XeVL8/JoFUGjV7BcqD4gjVTH7JZ:Z6wKKs1LC9bArZ8LVl6w1DEUQenGjV7B
Static task: static1

Behavioral task: behavioral1
Sample: cs16_snow_leopard.exe
Resource: win7-20240215-en

Behavioral task: behavioral2
Sample: cs16_snow_leopard.exe
Resource: win10v2004-20240221-en
Malware Config
Targets
Target: cs16_snow_leopard.exe
Score: 7/10

Executes dropped EXE

Loads dropped DLL

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.

Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.