3acb94f442e02f6166d75d811089e6bba356ad9750247551cb4974f7c51a5ee8

General

Target

Windows 11 Death Edition (CreepyPasta).zip
Size

14.0MB
Sample

240905-bm3yss1ekh
MD5

38e4d8073425508706398cc862edad95
SHA1

3378cec0995576de014e30d0c26b8336abc7dc74
SHA256

3acb94f442e02f6166d75d811089e6bba356ad9750247551cb4974f7c51a5ee8
SHA512

1054af0fe336a96d02f939e36b746c4231c1c5ded1dbe0fbf264cf4ebaa16777063d86cbb3c987929a2cc382b9f815ff0198165795144a2ca402a6a8468f880f
SSDEEP

393216:3wZOsYvmlrX7sQc6igeOg5Gubdn/O/ZglH2:AjI6inOgLawH2

Score

8^/10

Malware Config

Targets

- Target
  
  Win11DeathEdition.exe
- Size
  
  6.0MB
- MD5
  
  3b0fd2b8fa11f834837fa3e4c6868d1c
- SHA1
  
  7f6c7b922dc5a11e14a4c85321dd897dfe199c7a
- SHA256
  
  bd67e0b196bd3e1b23eb8b6952aefea5cd54dbd48022de958871d8c9678bd56f
- SHA512
  
  1a822326fc5983a1ba29095987fa3984bb442d4d85b3c381e2d5204da20032b9086ac7c0b02a5ca87f8b0981cf5fa5c9369ab5a2c4101c71e565572121a9c06a
- SSDEEP
  
  98304:1ucoALJpTqcAVsxPwjYPYQgcioJN+r9B0afk6HZ7naOucWwAxkvy27Pt+Uv8GStQ:1ukDRwjYPYQgciuN+5aYHZDaOf9A4yCf
Score

8^/10

bootkit discovery evasion persistence ransomware upx
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
- Disables Task Manager via registry modification
  evasion
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Sets desktop wallpaper using registry
  ransomware
behavioral1
- Target
  
  Windows 11 Death Edition Source Code/Bat To Exe Converter/Bat_To_Exe_Converter.exe
- Size
  
  444KB
- MD5
  
  76d5900a4adf4c1f2ab8dbfd0a450c4a
- SHA1
  
  6177a27416519564ecb5d38093d61c9a81d3c290
- SHA256
  
  7adc1f7ff040628a600f99465bd70e71ad83fecfe60b0f1dadc84b5d262ff350
- SHA512
  
  286b05ff09d4e85856c251d56902486738d9b2457d9a56ea8a449195b349f2718816099f4602efba88dad592dd6cecefcd0748382888c3026dd585b3e46f0c6e
- SSDEEP
  
  12288:iYicHMPMDp8WrZtzlqQMB/FS/CiUF7RAfoSBjF:viuMPMDp8mtzbMFFS/CzKF
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral2
- Target
  
  Windows 11 Death Edition Source Code/Bat To Exe Converter/help.chm
- Size
  
  14KB
- MD5
  
  ffa8c49b21b077b0dc4b51a1f6f9a753
- SHA1
  
  5fe5b4d96b266b29bd7aaf41b32394f58e7416e2
- SHA256
  
  00037bfc41afacf262afda160e17d3cca33606276324e99bbd93ad1207e9a7c0
- SHA512
  
  751eeaef0828ec4416569291ebf3f434208ff43405221339688ec2535cd5947d58ad4d2fd8ea073aa0554f712783f5ec8d5f42dfc4ee935d2905bc541ccd0a9b
- SSDEEP
  
  192:TQ3bVqwNUWqaGA9yb6OmVbelnchhvm2I2S1O:TQLbNJqHA9YYVbCahvm280
Score

1^/10
behavioral3
- Target
  
  Windows 11 Death Edition Source Code/Win11DeathEdition.cmd
- Size
  
  3KB
- MD5
  
  ad203d1712509a695e9584cb5bcff77f
- SHA1
  
  270bf457774294c1106a1a5c8ebf527de8ca1cdd
- SHA256
  
  a4eea0cf3a3710cbe1c84db2b857fc0ec5c86f9db86e42ca3a7d0e20c736903c
- SHA512
  
  ffec78424b83122f8ca3ff7f4868ad509733c5617d03dc5d4002e9e9fb3055868c8c6313d5e552c8b8f4efad9478ca0e62a78256433737db3ddac568d453630c
Score

1^/10
behavioral4
- Target
  
  Windows 11 Death Edition Source Code/bgm.exe
- Size
  
  102KB
- MD5
  
  dbc7a3b514ea61b80abddd1b0ce0f7b0
- SHA1
  
  fc30e8ca86ccca6437892b81b2027eaaef4b0123
- SHA256
  
  0655d878f1ad0cf365abaa2c41eb5ab84215265ba22300eb4e4603605280c040
- SHA512
  
  12ed40c58cde189eb7554c4dccc0558f9302a98f60274f1ddaee5f86bff89e4af2849724b40322ace269160d1c00cc9b508e32ed28c2b484412e4493289bfbbf
- SSDEEP
  
  768:J7FcybtwpM91ivG4al7fCwjfecgExpYc467yyxqOyWOjonu3yUyJCbfw287RDmay:v5iToUcHYGykqODu3yUyJCbfw287h1sF
Score

3^/10

discovery
behavioral5
- Target
  
  Windows 11 Death Edition Source Code/escape.vbs
- Size
  
  112B
- MD5
  
  c5466729495e1701b6e548e798e39e39
- SHA1
  
  b8c08a7fc8c2d599bd416de20f1a7dfe608ff075
- SHA256
  
  5464ffdd8c2be512dfe8f6fb001b5ef92289d047b3c8715fe6032903d69c8341
- SHA512
  
  a87e8d77545850b80fe7f088b0948c12e1e4d18e97950a3a084c3114683e4dd2e003498ce2a9e3339cbd1c27f17f1a79829832d6456420b931dff1571323d4de
Score

3^/10
behavioral6
- Target
  
  Windows 11 Death Edition Source Code/mbr.exe
- Size
  
  1.3MB
- MD5
  
  597309673628821262337de44e464773
- SHA1
  
  76f8af0dfd0e955c3334beddf537ca627e371754
- SHA256
  
  7947e5a4195b52ce9fe4133f21a7c8bcf9d90495fddbb49939976f7819c93e21
- SHA512
  
  d739cb91e20860d73e14df2a24364ae61932b81a6a07b86e3fbd35eee9ca12db5ca9ef02e16723896414701f61d8b80563e2f83187515d1fc67bbf0d705a57dc
- SSDEEP
  
  24576:RT3LlvRiQNGYXCI+b1w30WgvZef6YhuQ5O3h3JMtbu:dXNGDIu8NyMtbu
Score

6^/10

bootkit discovery persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral7