Resubmissions
18-05-2024 06:29
240518-g85bmsfg9s 709-05-2024 08:53
240509-kthe4sce35 609-05-2024 08:25
240509-kbh9pabh34 808-05-2024 17:13
240508-vrwvtsha87 608-05-2024 17:13
240508-vrvmrsef5w 808-05-2024 12:49
240508-p2hs3adc7v 807-05-2024 11:17
240507-nd22csgc44 1007-05-2024 09:48
240507-lsq7asdf35 807-05-2024 09:43
240507-lp1assde35 107-05-2024 09:38
240507-lmjv2aag4z 7General
-
Target
v0f044gc0000clmruo7og65lhh8ne4g0.mp4
-
Size
4.5MB
-
Sample
240507-lmjv2aag4z
-
MD5
45b2647eadad13f8cf3137858fb0c3b5
-
SHA1
2d9b8f5ebc8dfb991eecadf9f85d62bfa6cb65ca
-
SHA256
ce537d6a75dc8eaf70494907770fdb780456fea1dc37947bd458481608c5939f
-
SHA512
d40f1d85507f0cd155061c9a95627523293b09005c914fdf9a5aa117646c8e1952b6cc420721daeffa2077e3098ead309b8ffa76d45c35310798d5b167fedb8c
-
SSDEEP
98304:4ju52Pv5pTpB4WuQLTyxZO3UUpTzFXRzeXwyqjq73zBOQcMN1H4nu9KC/GTG/:ULPh5QWuQCy3dpTzFhK7qjqvN1kuWTS
Malware Config
Targets
-
-
Target
v0f044gc0000clmruo7og65lhh8ne4g0.mp4
-
Size
4.5MB
-
MD5
45b2647eadad13f8cf3137858fb0c3b5
-
SHA1
2d9b8f5ebc8dfb991eecadf9f85d62bfa6cb65ca
-
SHA256
ce537d6a75dc8eaf70494907770fdb780456fea1dc37947bd458481608c5939f
-
SHA512
d40f1d85507f0cd155061c9a95627523293b09005c914fdf9a5aa117646c8e1952b6cc420721daeffa2077e3098ead309b8ffa76d45c35310798d5b167fedb8c
-
SSDEEP
98304:4ju52Pv5pTpB4WuQLTyxZO3UUpTzFXRzeXwyqjq73zBOQcMN1H4nu9KC/GTG/:ULPh5QWuQCy3dpTzFhK7qjqvN1kuWTS
Score7/10-
Executes dropped EXE
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Legitimate hosting services abused for malware hosting/C2
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Drops file in System32 directory
-