General
Target: zzztest455.exe
Size: 8.1MB
Sample: 240726-3rc2qasdpj
MD5: 771d3bf4dd08aee1aeb4d16edda8ee0e
SHA1: e90185fb391e06763b2d2efc4434be87cbd8f1ce
SHA256: 4e354e4e7b09eec60745e0e5a1f169da0d6dcc85b8df368c78c097fc54c61e5a
SHA512: 82ffaaee290ce6cf7c90552ce4fd7684b67a6a36c67ae028eeaae8a9e3d35a2b069ad43074feb9c7f69219ab4ea359bf53c24552fccb1dfc521dc74ee3be0e90
SSDEEP: 196608:b4KACcuywuLlA1HeT39Iigp1ncKOVVt0CTa7weBtQcNP+Z:EscuRr1+TtIiW0VuwA6f
Behavioral task: behavioral1
Sample: zzztest455.exe
Resource: win11-20240709-en
Malware Config
Targets
- Credentials from Password Stores: Credentials from Web Browsers
  Malicious Access or copy of Web Browser Credential store.
- Loads dropped DLL
- Adds Run key to start application
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
- Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Event Triggered Execution (1)
    Netsh Helper DLL (1)
  Pre-OS Boot (1)
    Bootkit (1)
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Event Triggered Execution (1)
    Netsh Helper DLL (1)
Credential Access
  Credentials from Password Stores (1)
    Credentials from Web Browsers (1)
  Unsecured Credentials (1)
    Credentials In Files (1)