General
-
Target
rocket-league-spotify-artwork.png
-
Size
833KB
-
Sample
240813-pc2vmsseqh
-
MD5
28952f1e3e40281a2fab2de9f228bc8a
-
SHA1
b4db183ea6ad6b6cc31c8cae5c6feba5352a1242
-
SHA256
40da1cd16fd7dff442fbf3241b58b5857012b0f3c28d84c59b7ff5b97f0ee735
-
SHA512
26a4d65a82d7594dd7cc65ecf372cd4abeb2367b7dc4589eb5e1ca55b868fae15995f0f3921580348d46e1bf2a6d803ceaad48792dde38c90ae593de8088d0b6
-
SSDEEP
12288:BXhYChvXgQEOUmrify0TXJq8UXyTIU8sGEcqu6vO3QSWh8Xsq0BD4jJyJoc2HaP6:jHFgQEjQsq3yckGDP3Qvq0BD4jJyJoB
Malware Config
Targets
-
-
Target
rocket-league-spotify-artwork.png
-
Size
833KB
-
MD5
28952f1e3e40281a2fab2de9f228bc8a
-
SHA1
b4db183ea6ad6b6cc31c8cae5c6feba5352a1242
-
SHA256
40da1cd16fd7dff442fbf3241b58b5857012b0f3c28d84c59b7ff5b97f0ee735
-
SHA512
26a4d65a82d7594dd7cc65ecf372cd4abeb2367b7dc4589eb5e1ca55b868fae15995f0f3921580348d46e1bf2a6d803ceaad48792dde38c90ae593de8088d0b6
-
SSDEEP
12288:BXhYChvXgQEOUmrify0TXJq8UXyTIU8sGEcqu6vO3QSWh8Xsq0BD4jJyJoc2HaP6:jHFgQEjQsq3yckGDP3Qvq0BD4jJyJoB
Score8/10-
Downloads MZ/PE file
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Legitimate hosting services abused for malware hosting/C2
-
System Binary Proxy Execution: Verclsid
Adversaries may abuse Verclsid to proxy execution of malicious code.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Pre-OS Boot
1Bootkit
1Subvert Trust Controls
1SIP and Trust Provider Hijacking
1System Binary Proxy Execution
1Verclsid
1