Overview

overview

6

Static

static

3

CdiResourc...il.exe

windows7-x64

1

CdiResourc...il.exe

windows10-2004-x64

1

CdiResourc...l4.exe

windows7-x64

1

CdiResourc...l4.exe

windows10-2004-x64

1

CdiResourc...48.exe

windows7-x64

1

CdiResourc...48.exe

windows10-2004-x64

1

CdiResourc...it.dll

windows7-x64

1

CdiResourc...it.dll

windows10-2004-x64

1

CdiResourc...it.dll

windows7-x64

1

CdiResourc...it.dll

windows10-2004-x64

1

CdiResourc...rs.dll

windows7-x64

1

CdiResourc...rs.dll

windows10-2004-x64

1

CdiResourc...h.html

windows7-x64

3

CdiResourc...h.html

windows10-2004-x64

3

CdiResourc...8.html

windows7-x64

3

CdiResourc...8.html

windows10-2004-x64

3

CdiResourc...n.html

windows7-x64

3

CdiResourc...n.html

windows10-2004-x64

3

CdiResourc...min.js

windows7-x64

3

CdiResourc...min.js

windows10-2004-x64

3

CdiResourc...min.js

windows7-x64

3

CdiResourc...min.js

windows10-2004-x64

3

CdiResourc...min.js

windows7-x64

3

CdiResourc...min.js

windows10-2004-x64

3

CdiResourc...ec.exe

windows7-x64

1

CdiResourc...ec.exe

windows10-2004-x64

3

DiskInfo32.exe

windows7-x64

6

DiskInfo32.exe

windows10-2004-x64

6

DiskInfo64.exe

windows7-x64

6

DiskInfo64.exe

windows10-2004-x64

6

DiskInfoA64.exe

windows7-x64

DiskInfoA64.exe

windows10-2004-x64

Analysis

  • max time kernel
    136s
  • max time network
    130s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/07/2024, 16:07

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    DiskInfo64.exe

  • Size

    2.7MB

  • MD5

    290b9d139ca0057e5970d02bab50ee1e

  • SHA1

    19416e9b9e66b29bfbcd2be8d4051025e1370904

  • SHA256

    d6d7dde91c5d873778c7cfe300c4cd325cf827b522dbdd9834a2c636dcbd99d9

  • SHA512

    eab988fedf1d7988ec475f18d171f342d7c5ec6ca357f67041848f9eb018996ff8a36a8f3aa348c84f9a545c584118c899052ebd0ff656b06664e31cde58cde4

  • SSDEEP

    49152:HgZ3iZKjw0IehynmnM4atqZdd1v+0Krb:wIewnmnM4aqTPKrb

Score
6/10
bootkitpersistence

Malware Config

Signatures

  • Enumerates connected drives 3 TTPs 23 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs

    Bootkits write to the MBR to gain persistence at a level below the operating system.

    bootkitpersistence
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\DiskInfo64.exe
    "C:\Users\Admin\AppData\Local\Temp\DiskInfo64.exe"
    1⤵
    • Enumerates connected drives
    • Writes to the Master Boot Record (MBR)
    • Suspicious use of SetWindowsHookEx
    PID:5020

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\DiskInfo.ini
    Filesize

    341B

    MD5

    60c6c6cdf940d0d0d198ccbf6c01ccd0

    SHA1

    e6a2bb9399677648a2b7387ea760f03968b5af5c

    SHA256

    61d880ad85851e6bcd6dce2070e619b5f18a6de20e4b26ccdd587f87f7cfa1c3

    SHA512

    eddd397b353c43bc76fb80fa67141b5554a0910335dacfa09e6d6c296d2bfa0f0a93b9ace3473ab41ed9d3a3da3b6c6bd0a15a3ab91d9156554959ada7a554d2

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\DiskInfo.ini
    Filesize

    176B

    MD5

    9764df2d07c28626db80339553f76134

    SHA1

    714780f7b60a5141205d8868182fd072fabbf998

    SHA256

    45378805ebfac1f69c405d46d3a4896d9aab112c5a71227605f09481f4f839a3

    SHA512

    6fac6844a525a823a186c2bdd49e3853e9302c912dc10e996c1ddca1e8ce59d5a58b3b1c0f49a4b2e14d70759b49ea507420badfbb9ee3e0db7507bd39d634e6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\DiskInfo.ini
    Filesize

    323B

    MD5

    2658c9051165b87d45f8f72d6aeaeaf3

    SHA1

    a01d328a112a5aef7ec2f8dbb22dd89c16638844

    SHA256

    9bf2cd7154cd6291d5fb2fcc0deb5ede354bd2f14a574428465e1e6ec7e5081c

    SHA512

    4540d2c299487a3f6da9bca914d9ed14e2ed788cd64cd7a353079587ed67cf38576fb572f27ae9f020fced44b433ed2444478f60d44cdaba616d1c846f49a424

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\DiskInfo.ini
    Filesize

    56B

    MD5

    639b21ec594fd6ec5802c828dd4ff54a

    SHA1

    74ce0add6ab4393ec10564121e3e11927f845cf6

    SHA256

    14d1c79e51df74708de3a6868d6fdd3dd30a33867051a7c60f0746ffc977003a

    SHA512

    89e36f93a2afec70873e4a6735db00cfbf01715888bab35cc7feab68e5a353495b2269f47b6cb2f4ecfd2faedc66367c1bbb157757a6dea0f91f93c0b99522d1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Smart\DADY HARDDISKDD00013\09.csv
    Filesize

    25B

    MD5

    5a6d7ce05540e32dc913f5421735436e

    SHA1

    ec06d3af7f478861916aab9ba86ec13fdcbd17f1

    SHA256

    c848d8e77c4fd19a0da42d12ca7e3412b57cf99ca4b09fa852b0f8e965171509

    SHA512

    f43b519459b1b576820b332e7f7eec17867821e4e47fc5afc50c6af4d64690f571b572b3e7aa8925ebad7d389e3571ae0e7bf02a2352a1052c6dd4b4ca03cc35

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Smart\DADY HARDDISKDD00013\Smart.ini
    Filesize

    366B

    MD5

    008e53cf9dce6c33c82e6ca2403e4305

    SHA1

    b3bb0660aebdae8424fa11ca6e24e9482527baaa

    SHA256

    59a6c3d77faaf9f6a75940d7aa9537ddc4b2427e9e57a5b4423f2cbbccd5c6d9

    SHA512

    836b215e21ebb806a7bfd91132e062534bf3646d51fe2f281623c94637290aa4d92eb357dc7e6f16f40f0d03baa0f5f68751ae00e5d55a8415a01b1fc9d89ef5

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Smart\DADY HARDDISKDD00013\Smart.ini
    Filesize

    481B

    MD5

    2007fcb838f61f7c1959ed5428528dca

    SHA1

    d7530ef12630f37af44ee255c37c3e256882636b

    SHA256

    0848e83425b2478a4607f62b982ebfd3d54a947876b3a3a1a66ad10cd52da697

    SHA512

    5b8734b7c4b499245c12e886599ed9b8c341bca347e5977f71cd21b968202cc694111d5a12d80143c19218ec8a6668afa460108fd1377813717b5bbd9807a60d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Smart\DADY HARDDISKDD00013\Smart.ini
    Filesize

    536B

    MD5

    ce649d612cfaddff4085b4ecfb28068a

    SHA1

    060da7b9533ac72b3575ee466f6c680fa2fe6e9d

    SHA256

    11682ef8d6c9d3161d9b62392cffbf0d8e4f0172a34c653bafb52c42127132c9

    SHA512

    fe011652c5f54c076c4771cf73e24db80d818cafe1bd57c4c9167bb54f94818bd1e9cd8a6036839e33544aab18145b2f4b30fee207676356a9d95e9e24b89d7f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Smart\DADY HARDDISKDD00013\Smart.ini
    Filesize

    248B

    MD5

    c2b1b5740930837cd6ee3d5aac777cb3

    SHA1

    7ebb44337a0721d0fd7b135e08be16c6ff579374

    SHA256

    deba2a79160e5486b9e7cc70a07aed990216dda03ddb8135157c91ce2da8bb57

    SHA512

    71b8bc0aa46468fe76950d9964dc2058d2d09e4303cc279809fa46ef41adbabb401f0b0029566b75b59d69bfefd10d42f6b84135b785c38f431b95f5f0abcf60

    Download Submit