General

  • Target

    Shell UHT Toolbox 5.35e - Expires Feb-01-2025.exe

  • Size

    9.9MB

  • Sample

    240726-dqh4xashpq

  • MD5

    73053b7e84746bf6d5fa37f926ea86fb

  • SHA1

    5f95d190c0f534fb86cad3f1989d649e575443a0

  • SHA256

    736fc3cc978fb4e53e729058df526e645b9c91d1a67a6685d0d5df84c81fdf8b

  • SHA512

    0ff08f937fe7eb3237d79893d01ee0cc75e635d3030ccfbb26345c09106dfaee3d68d70936aa7f06a4c94d347f237d4579c2882653207f7da9799a6c7d3ee20a

  • SSDEEP

    196608:85d6Rg9BIY/7UUQaeAdqJnSVoEO1uEMw+Wx8cybZOdWywDU/Esiffo9m7:85dXB/oUQaeAIQVoPujw+2dqs4am7

Malware Config

Targets

    • Target

      Shell UHT Toolbox 5.35e - Expires Feb-01-2025.exe

    • Office macro that triggers on suspicious action

      An Office document macro that runs under special circumstances rather than on an explicit user action; this pattern is often malicious, but the signature is heuristic. Since the submitted target is an executable, look among the files it dropped for the document that carried the macro and extract the VBA to confirm.

    • Loads dropped DLL

      The process loaded a DLL that was written to disk during the run rather than one already present on the system. Installers do this legitimately, but it is also the loading pattern behind DLL side-loading and unpacking stubs, so record which process wrote the DLL and which one loaded it.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system. The same raw write to the first sector of the physical disk is also how wipers destroy the boot sector, so compare the post-run MBR against a pre-run copy to tell persistence from destruction.
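The MBR signature above tells you that the first disk sector was written, not what was written. The check an analyst performs next is to read that 512-byte sector and compare it with a known-good copy. The following is an added example, not part of the sandbox report or its detection rules, that parses an MBR, validates the 0x55AA boot signature, extracts the four partition entries, and flags drift in the 440-byte bootstrap region against a baseline hash. The sample sectors, the "bootstrap" bytes and the disk signature are constructed for illustration; they are not real boot code and not data from this sample.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_SIGNATURE = b"\x55\xaa"  # bytes 510-511 of a valid MBR


def build_mbr(bootstrap: bytes, partitions) -> bytes:
    """Assemble a 512-byte MBR from bootstrap code and up to four
    (status, type, lba_start, sectors) tuples. Used here only to construct
    sample input; the disk signature is an arbitrary constructed value."""
    sector = bytearray(SECTOR_SIZE)
    code = bootstrap[:440]
    sector[: len(code)] = code
    struct.pack_into("<I", sector, 440, 0xDEADBEEF)
    for i, (status, ptype, lba_start, sectors) in enumerate(partitions[:4]):
        off = 446 + 16 * i
        sector[off] = status
        sector[off + 4] = ptype
        struct.pack_into("<II", sector, off + 8, lba_start, sectors)
    sector[510:512] = BOOT_SIGNATURE
    return bytes(sector)


def parse_mbr(sector: bytes) -> dict:
    """Split an MBR into bootstrap code, disk signature, partition table and
    boot-signature flag. Layout: code at 0-439, disk signature at 440-443,
    four 16-byte partition entries at 446, signature at 510."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError(f"expected {SECTOR_SIZE} bytes, got {len(sector)}")
    parts = []
    for i in range(4):
        off = 446 + 16 * i
        lba_start, sectors = struct.unpack_from("<II", sector, off + 8)
        parts.append({
            "status": sector[off],       # 0x80 = bootable, 0x00 = inactive
            "type": sector[off + 4],     # 0x07 = NTFS/exFAT, 0xEE = GPT protective
            "lba_start": lba_start,
            "sectors": sectors,
        })
    return {
        "bootstrap_sha256": hashlib.sha256(sector[:440]).hexdigest(),
        "disk_signature": struct.unpack_from("<I", sector, 440)[0],
        "partitions": parts,
        "valid_signature": sector[510:512] == BOOT_SIGNATURE,
    }


def mbr_findings(sector: bytes, baseline_bootstrap_sha256: str) -> list:
    """Return human-readable findings; an empty list means the sector matches
    the baseline and is structurally sane."""
    mbr = parse_mbr(sector)
    findings = []
    if not mbr["valid_signature"]:
        findings.append("missing 0x55AA boot signature")
    if mbr["bootstrap_sha256"] != baseline_bootstrap_sha256:
        findings.append("bootstrap code differs from baseline")
    if not any(p["type"] for p in mbr["partitions"]):
        findings.append("partition table is empty")
    if sum(1 for p in mbr["partitions"] if p["status"] == 0x80) > 1:
        findings.append("more than one partition flagged bootable")
    return findings


# Constructed samples (not real boot code): a clean sector, a sector whose
# bootstrap was overwritten in place, and a fully zeroed (wiped) sector.
CLEAN_BOOTSTRAP = bytes([0xFA, 0x33, 0xC0, 0x8E, 0xD0, 0xBC, 0x00, 0x7C]) + b"\x90" * 432
PARTITIONS = [(0x80, 0x07, 2048, 1_000_000), (0x00, 0x07, 1_002_048, 500_000)]
CLEAN_MBR = build_mbr(CLEAN_BOOTSTRAP, PARTITIONS)
BASELINE = hashlib.sha256(CLEAN_BOOTSTRAP).hexdigest()
TAMPERED_MBR = build_mbr(b"\xEB\x58\x90" + CLEAN_BOOTSTRAP[3:], PARTITIONS)
WIPED_MBR = bytes(SECTOR_SIZE)

if __name__ == "__main__":
    # On a live Windows host the sector would come from
    # open(r"\\.\PhysicalDrive0", "rb").read(512); here the samples are in memory.
    for label, sector in (("clean", CLEAN_MBR), ("tampered", TAMPERED_MBR), ("wiped", WIPED_MBR)):
        print(label, mbr_findings(sector, BASELINE) or "no findings")
```

Take the baseline hash from a pre-detonation snapshot of the same VM, since bootstrap bytes differ between Windows versions and imaging tools; a hash lifted from another machine will produce false drift.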

MITRE ATT&CK Enterprise v15

Tasks