General
Target: d0be347179715db77e40ef4a50439da2
Size: 946KB
Sample: 240317-nfcjgsdb52
MD5: d0be347179715db77e40ef4a50439da2
SHA1: 4b94bc600735eb5eed60a471dd788e7d0e2586b8
SHA256: 767c367613633db9798a37c366a0166e132bef1ebd74b7a51c28711d42bb1e83
SHA512: 2d56ead24db04d054fac5c737acb99449cb9317ff3865db89d7dded4d72cfa702d129850504d11b1abe85367cad5f40c0524d1b6fab86b33aa7ae238b7ea8e40
SSDEEP: 24576:wSW+8M9O1qYOrrfGkFpuJieh6NvZKPubpeM:U9NPOrKkWJieh65Zte
Behavioral task: behavioral1
Sample: d0be347179715db77e40ef4a50439da2.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: d0be347179715db77e40ef4a50439da2.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: d0be347179715db77e40ef4a50439da2
Score: 8/10
Modifies Installed Components in the registry
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
Writes to the Master Boot Record (MBR): Bootkits write to the MBR to gain persistence at a level below the operating system.
MITRE ATT&CK Matrix ATT&CK v13
Persistence
  Boot or Logon Autostart Execution (2)
    Registry Run Keys / Startup Folder (2)
  Pre-OS Boot (1)
    Bootkit (1)
Privilege Escalation
  Boot or Logon Autostart Execution (2)
    Registry Run Keys / Startup Folder (2)