General
Target: twitch_pfp.jpg
Size: 15KB
Sample: 240620-ntvxzsvhkc
MD5: b7f28efe746714ef69018ac2ad38c014
SHA1: d11a39a32ce3de71c14adda8d99a47c7fd708dea
SHA256: 8e1d4b97942d0b374e62c273aaba9fd17151a11f3d11397ed3104613e7fe0466
SHA512: 49b22891aa249e9c321fd3487bf2e2b5c809bfce861a1661c16cf5cafd431ffb29317ee4dd9335bc4b82a0bd7672cc90667be4ed1d82af8d53f439784b3eb830
SSDEEP: 192:fIy0Kk7gFN9NbmaTDQNrVPXBb7xMJwYFOCgUn7QuivsD26KqgwEvyPQj:gLKkEFNfbmaTgrVJJ/YbI8K3fj
Static task: static1
Behavioral task: behavioral1
Sample: twitch_pfp.jpg
Resource: win10v2004-20240611-en
Malware Config
Targets
Target: twitch_pfp.jpg
Score: 8/10
Disables Task Manager via registry modification
Legitimate hosting services abused for malware hosting/C2
Writes to the Master Boot Record (MBR): Bootkits write to the MBR to gain persistence at a level below the operating system.