Analysis
-
max time kernel
292s -
max time network
188s -
platform
windows10-1703_x64 -
resource
win10-20240404-en -
resource tags
arch:x64 arch:x86 image:win10-20240404-en locale:en-us os:windows10-1703-x64 system
-
submitted
08/05/2024, 23:05
Static task
static1
Behavioral task
behavioral1
Sample
5a5a1194f8f5a81750205f5cfe21fae6969b40cfb77fba5385ba738f2a7ad3ee.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
5a5a1194f8f5a81750205f5cfe21fae6969b40cfb77fba5385ba738f2a7ad3ee.exe
Resource
win10-20240404-en
General
-
Target
5a5a1194f8f5a81750205f5cfe21fae6969b40cfb77fba5385ba738f2a7ad3ee.exe
-
Size
577KB
-
MD5
13b66643e6efa818780d69ee0bb06ee4
-
SHA1
0a80a1deb83f5a6dac0028156d786a7399582dc7
-
SHA256
5a5a1194f8f5a81750205f5cfe21fae6969b40cfb77fba5385ba738f2a7ad3ee
-
SHA512
7e133bcf41d8ab75e433d505dff9842dc4c1a7562bd2199aea81dcbe4ab6ce2373b68bec6ff243ea549670a8e3b79a3a3aea46b8e2c3f02827b3d3587655dbd9
-
SSDEEP
12288:IJQdGDC6j5ElJlPHVRCv2nOUth4vNRD1S8:IJQIDC6j5wJlvWv2nt41Ro8
Malware Config
Signatures
-
Pitou 2 IoCs
Pitou.
resource: behavioral2/memory/4400-4-0x0000000000400000-0x0000000002B4E000-memory.dmp; yara_rule: pitou
resource: behavioral2/memory/4400-5-0x0000000000400000-0x0000000002B4E000-memory.dmp; yara_rule: pitou
-
Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs
Bootkits write to the MBR to gain persistence at a level below the operating system.
description: File opened for modification; ioc: \??\PHYSICALDRIVE0; process: 5a5a1194f8f5a81750205f5cfe21fae6969b40cfb77fba5385ba738f2a7ad3ee.exe