Analysis
max time kernel: 292s
max time network: 297s
platform: windows10-1703_x64
resource: win10-20240404-en
resource tags: arch:x64 arch:x86 image:win10-20240404-en locale:en-us os:windows10-1703-x64 system
submitted: 08/05/2024, 22:21
Static task
static1
Behavioral task
behavioral1
Sample
05a983eb0ead37a3613148ab82d17d37827ff4e6a1252e44a203d8fc3502dcd7.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
05a983eb0ead37a3613148ab82d17d37827ff4e6a1252e44a203d8fc3502dcd7.exe
Resource
win10-20240404-en
General
Target: 05a983eb0ead37a3613148ab82d17d37827ff4e6a1252e44a203d8fc3502dcd7.exe
Size: 532KB
MD5: 8c5cbd33a7677af0c51ac49874c09d51
SHA1: 942860ed067ad591f8447fd86cf22831278f56a9
SHA256: 05a983eb0ead37a3613148ab82d17d37827ff4e6a1252e44a203d8fc3502dcd7
SHA512: 3b53aae26d6ec154048981904e27073a88a9b739e358948ed5bdeb0f0d84b05a864d418b2e89007dac391433edd64ee551f72651c660cff6af74fc3ab7857b10
SSDEEP: 12288:WvuU+rl40uJyhQb5Qgi96VKTlAHgp4FW7TAJddG0FTO:3buJyGb46VYAH+4FWqTpE
Malware Config
Signatures
Pitou 2 IoCs
Pitou.
resource | yara_rule
behavioral2/memory/588-4-0x0000000000400000-0x0000000001A4F000-memory.dmp | pitou
behavioral2/memory/588-5-0x0000000000400000-0x0000000001A4F000-memory.dmp | pitou
Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs
Bootkits write to the MBR to gain persistence at a level below the operating system.
description | ioc | Process
File opened for modification | \??\PHYSICALDRIVE0 | 05a983eb0ead37a3613148ab82d17d37827ff4e6a1252e44a203d8fc3502dcd7.exe