General

Target: SetupBlumaticaDVR_4_0_0_0_mdg6eer2s.zip
Size: 863.0MB
Sample: 240806-q81g5avcpe
MD5: f8ccf3c240f0ef1b7a4658632611d72a
SHA1: 0b0319ae81f30468b74f8bd05537b68560f4fab8
SHA256: dd28604698dda974477b81b2089781581038804b21b3343dc7adf39d24ad407a
SHA512: bff4ead05ed4f7352f63c49a96dd35e5e7fc014d1aad5c02e9064f4041828f6ecc2801aec476f394912bb9b32793e1bbb8c266df63d76e8e0c5277196e9e314c
SSDEEP: 25165824:PiH+Yr+lZUkmt7EF1nZr8RDb58DRuEGv/6z2a75jJLLiFO+vRjO03iQEEyU:tYr+luXpM1np8pbiD0EG36zP5jJXiFO0

Static task: static1
Behavioral task: behavioral1
Sample: SetupBlumaticaDVR_4_0_0_0.exe
Resource (sandbox image): win10-20240404-it
Malware Config

Targets

Target: SetupBlumaticaDVR_4_0_0_0.exe
Size: 870.2MB
MD5: 8efd5fba99cb469a78da83199c7390a6
SHA1: 1c1d4ac63ad9d9507214c3894254c669d0620217
SHA256: a3523236051087f10f4ecbdbd088049f3ddc9f94803486641ded3d02d3ac7391
SHA512: 802f09d33e63075a635bfcff0bb2bf9d4f315e83549b33a2ec64fbb47b48ff0bbc724116a5c7ec823b8143414e3fcc3f80ac70c43000c33daf5fcee191e2bcc8
SSDEEP: 25165824:DxAKJQ1HffYXDnJ56cPcSPZ46J/uVDRoST8FsZK/0WV4ruADe0GAf:NJQhXYTJ57P7Pa6J/KDRL8FsA/0WV4r5
Score: 10/10

Signatures
- Detects Strela Stealer payload
- Adds Run key to start application
- Enumerates connected drives: attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
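Turning the behavioural signatures above into detection logic over host telemetry, as an added example that is not part of the sandbox report: it maps Sysmon-style registry value-set (EventID 13) and file-create (EventID 11) records to the Run-key persistence, root-certificate install and System32 drop behaviours listed, and shows how a benign System32 write by a Windows binary is left alone. The event records, file paths, Run-key value name and certificate thumbprint are constructed for the example and are not observations from the analysed sample; the drive-enumeration signature has no single clean log artifact and is not covered here.

```python
"""Detection logic for the report's behaviours, run over Sysmon-style events.

Added example, not part of the sandbox report. Event records are constructed;
field names follow Sysmon's schema (EventID 11 = FileCreate, EventID 13 =
RegistryEvent value set). Paths, the Run-key value name and the certificate
thumbprint are hypothetical.
"""
import json
import re

# Registry locations behind the two registry-based techniques.
RUN_KEY = re.compile(r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\", re.I)
ROOT_STORE = re.compile(r"\\SystemCertificates\\ROOT\\Certificates\\", re.I)
# File-system locations used by the System32 drop rule.
SYSTEM32 = re.compile(r"^[A-Z]:\\Windows\\System32\\", re.I)
WINDOWS_DIR = re.compile(r"^[A-Z]:\\Windows\\", re.I)

# Constructed path for the installer process; only the file name comes from the report.
INSTALLER = r"C:\Users\user\AppData\Local\Temp\SetupBlumaticaDVR_4_0_0_0.exe"

# Constructed telemetry: three events that should fire, two that should not.
SAMPLE_EVENTS = [
    {"EventID": 13, "Image": INSTALLER,
     "TargetObject": r"HKU\S-1-5-21-1\Software\Microsoft\Windows\CurrentVersion\Run\Updater",
     "Details": r"C:\Users\user\AppData\Roaming\updater.exe"},
    {"EventID": 11, "Image": INSTALLER,
     "TargetFilename": r"C:\Windows\System32\drivers\etc\hosts.bak"},
    {"EventID": 13, "Image": r"C:\Windows\System32\certutil.exe",
     "TargetObject": r"HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates"
                     r"\0000000000000000000000000000000000000000\Blob",
     "Details": "Binary Data"},
    # Benign: a Windows binary writing under its own profile directory inside System32.
    {"EventID": 11, "Image": r"C:\Windows\System32\svchost.exe",
     "TargetFilename": r"C:\Windows\System32\config\systemprofile\AppData\Local\log.txt"},
    # Unrelated event type; the rules ignore it.
    {"EventID": 1, "Image": r"C:\Windows\explorer.exe", "CommandLine": "explorer.exe"},
]


def classify(event):
    """Return a finding for one event, or None when no rule matches."""
    eid = event.get("EventID")
    image = event.get("Image", "")
    if eid == 13:
        target = event.get("TargetObject", "")
        if RUN_KEY.search(target):
            return {"technique": "T1547.001", "name": "Registry Run Keys / Startup Folder",
                    "image": image, "evidence": f"{target} = {event.get('Details', '')}"}
        if ROOT_STORE.search(target):
            # Writes to the machine ROOT store are rare enough to flag regardless of the writer.
            return {"technique": "T1553.004", "name": "Install Root Certificate",
                    "image": image, "evidence": target}
    elif eid == 11:
        path = event.get("TargetFilename", "")
        # A file landing in System32 matters when the writer is not itself a Windows binary.
        if SYSTEM32.match(path) and not WINDOWS_DIR.match(image):
            return {"technique": None, "name": "Drops file in System32 directory",
                    "image": image, "evidence": path}
    return None


def triage_events(events):
    """Run every rule over a list of events and return the findings in event order."""
    return [f for f in (classify(e) for e in events) if f is not None]


def techniques_seen(findings):
    """Distinct ATT&CK technique IDs among the findings, sorted for stable comparison."""
    return sorted({f["technique"] for f in findings if f["technique"]})


if __name__ == "__main__":
    for finding in triage_events(SAMPLE_EVENTS):
        print(json.dumps(finding))
```

The Run-key rule also matches RunOnce and deliberately ignores which hive the key lives in, since the report's "Adds Run key" signature does not distinguish user from machine persistence. The System32 rule trades recall for precision by trusting anything already under C:\Windows as the writer; a stricter build would check the writer's Authenticode signature instead of its path.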
MITRE ATT&CK Enterprise v15

Tactic                Technique                                        Hits
Privilege Escalation  Boot or Logon Autostart Execution (T1547)        1
                        Registry Run Keys / Startup Folder (T1547.001) 1
Defense Evasion       Modify Registry (T1112)                          2
                      Subvert Trust Controls (T1553)                   1
                        Install Root Certificate (T1553.004)           1