Analysis
-
max time kernel
132s -
max time network
138s -
platform
windows10-2004_x64 -
resource
win10v2004-20240709-en -
resource tags
-
submitted
27-07-2024 04:24
General
-
Target
SecuriteInfo.com.BScope.Trojan.Gleamaster.31531.30189.exe
-
Size
3.7MB
-
MD5
465a36be17c21d86f4e0a1c23604c10b
-
SHA1
579ef97fc5065c9f1f15053200317b61c62c741b
-
SHA256
841678461212803669c7cc19815f64e41457baefa7fe72306f613124e1c2da94
-
SHA512
c6afeadb5045d38dc58de2ad6509d8ed65bf55667e42a0a0617e047e22d712f824106bc335481d0660d94ec0edd23ca00bb50009794f20004a526a45fbfae989
-
SSDEEP
98304:gJNy4LlAnp37Ekmuce5XdZaPgloBhlpv9S5vCvxCW:gJN1l7e5XdfE9S5vqx/
Score
6/10
Malware Config
Signatures
-
Writes to the Master Boot Record (MBR) 1 TTPs 1 IoCs
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Drops file in Program Files directory 1 IoCs
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious use of SetWindowsHookEx 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.BScope.Trojan.Gleamaster.31531.30189.exe"C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.BScope.Trojan.Gleamaster.31531.30189.exe"1⤵
- Writes to the Master Boot Record (MBR)
- Drops file in Program Files directory
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx