General

  • Target

    Hard.Disk.Sentinel.Pro-6.20.13190.exe

  • Size

    28.0MB

  • Sample

    240506-2d9cbsea7y

  • MD5

    993e12e3b9e94088aa988287e0299985

  • SHA1

    fff31b93377c2bd8f080aae7c5629bb3cc3da26b

  • SHA256

    e3331a6d80af6cad712c824e56a2eb1322cb859749fedcba7c20ed6e065be1f2

  • SHA512

    f8df1d94ae26fd0e4f5ac3a35b2483e0f59e207aa62ac73d5d0c9a3ef88d36cf2f14d28a70b72253b8ac0f4bcee0ab483487bd408a43ca9d7bc78d28f477f038

  • SSDEEP

    393216:W4am4MNYMw1nx8eiPgDiedcYIKTBsRBs1QgE46YgZd/e2kND2F0k27F6PlUyfMaO:WLhXHLiP7AtTeiQp46RtGW0B6d39Sys

Targets

    • Target

      Hard.Disk.Sentinel.Pro-6.20.13190.exe

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Target

      HDSAction.exe

    • Size

      1.0MB

    • MD5

      612ff92a9968c51b30f72894bbf020e0

    • SHA1

      e8ac27f14b85110c1eeb0a86508c8e0eb19e3be3

    • SHA256

      9e4aeb313a970dc02d237392c6e37a2a37b98f3dbfe3b035ee0619cb7eab85d2

    • SHA512

      b5fd30559ff0cc4a2de7729bed8baa790df5ab2a44246a527a1745bf97807366bad043d31b42268317957cd32c59a2469669da04c1b9160a20804bddf2509363

    • SSDEEP

      24576:2djpoSACjUXMce55ZqQLwD0C/DSE51hS/Q:2djeSljUXtQwDl/DlhX

    • Score

      7/10

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.
