General

  • Target

    HDSentinel.exe

  • Size

    68.7MB

  • Sample

    240525-vzaybsbg9z

  • MD5

    2fb129c6f2831eecebf133357791dec2

  • SHA1

    cec78270ba4496c17763c44943996cec8a24e5f1

  • SHA256

    6b3fd422814d8c9df2d7990db25cff98840c8893eb4edccc01b4b12e0b5555cb

  • SHA512

    385351de3b3ac5cb6fa93a15026ce506b243b8ec6df6a6a116e4720f3ac463ad5c827d286a3ec27c065151fac6fd73456dfdb2acbf896966f02f2b1c42613e30

  • SSDEEP

    786432:7dJlAzZ9aRMhM/cV9HeLExCuoXxem5uHLC2B7Rb8hRZTiL2S45Ou3DE2uEJod83r:7yoMkcvKu3m5IeMwRRCB45Ou3lJBb

Score
7/10

Malware Config

Targets

    • Target

      HDSentinel.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used as a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks