General
Target: 139744649f9a32633bdf75d82805a37483702380c2012b0b9750bf2b150f3f2f
Size: 240KB
Sample: 240420-h2xhwsca3x
MD5: 01e8485506b49cb98fe627c60f06819d
SHA1: 128293079a7573d1fab9c972bd2bc26878288c2d
SHA256: 139744649f9a32633bdf75d82805a37483702380c2012b0b9750bf2b150f3f2f
SHA512: 5a254ca43433537a2513b530b4f3bf142e50a7127f628da69b4f6edfdf9863412eebb811c87923479c14c282830419c6428a7ea90eab9649e263d628f10c14b2
SSDEEP: 6144:65r3lV6n42+3WSKhxD8RVo2rcaGKNqAwyotp2u:6C+3xWDY9IpKNTwyoz
Static task: static1
Behavioral task: behavioral1
Sample: 139744649f9a32633bdf75d82805a37483702380c2012b0b9750bf2b150f3f2f.dll
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 139744649f9a32633bdf75d82805a37483702380c2012b0b9750bf2b150f3f2f.dll
Resource: win10v2004-20240412-en
Malware Config
Targets
Score: 8/10

Blocklisted process makes network request

Adds Run key to start application

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.

Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Pre-OS Boot (1)
Bootkit (1)
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)