General
-
Target
d7762c54fa046d865c72900516c16d92
-
Size
92KB
-
Sample
240320-atf7yace3y
-
MD5
d7762c54fa046d865c72900516c16d92
-
SHA1
0761ee8246cf9ff55b690e797428fb308baac3c0
-
SHA256
d5510814cab366b4fa203dd5dd161c6c955faddbf71a9e8ea5ff4dffc4442bc3
-
SHA512
4e7e109f361d7d2438b6b3eb1a9ce92b302a9d9bf7932088cb56ec07ab4e737e71e3dee2ffd328648e99899d38d53315a38068a0ea455ff043ef88885a119686
-
SSDEEP
1536:Gm7Ule6VdUevI/CQDn+PoQQQRnooooooooooooooooooooozDoooowoAciN46fze:j7IeK2CQDnYoQQQRui17qpvLf
Static task
static1
Behavioral task
behavioral1
Sample
d7762c54fa046d865c72900516c16d92.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
d7762c54fa046d865c72900516c16d92.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
d7762c54fa046d865c72900516c16d92
-
Score
7/10
-
Executes dropped EXE
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Pre-OS Boot (1)
Bootkit (1)
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)