General
-
Target
c00c1b9d8ee35ee24778898f6f65670d2bef7b3f0331b64fad6b4d5081bf883eN
-
Size
171KB
-
Sample
241015-y2j6kavcra
-
MD5
fc0b4225305ce793d84e979b183bc3b0
-
SHA1
23ec9d96139de7a484cc7b71e9e1e213e28365d6
-
SHA256
c00c1b9d8ee35ee24778898f6f65670d2bef7b3f0331b64fad6b4d5081bf883e
-
SHA512
cce333193badc92561446f6f62202cf5f12d55e23c0690cf380b73570ec72e21d04ba1360521b16bc73cfa2503ea0b035f75ea08af881dc979017e351dbd4104
-
SSDEEP
3072:R2Iz9CI8mUOtDDPwLkBLXLDFkKmvzXBpLHYmmO1QezRd7UcPa1xMjM7Q:Rjz9X8mXGUXVPmr9mOzRd7UcPKoM0
Static task
static1
Behavioral task
behavioral1
Sample
c00c1b9d8ee35ee24778898f6f65670d2bef7b3f0331b64fad6b4d5081bf883eN.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
c00c1b9d8ee35ee24778898f6f65670d2bef7b3f0331b64fad6b4d5081bf883eN.dll
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
c00c1b9d8ee35ee24778898f6f65670d2bef7b3f0331b64fad6b4d5081bf883eN
-
Size
171KB
-
MD5
fc0b4225305ce793d84e979b183bc3b0
-
SHA1
23ec9d96139de7a484cc7b71e9e1e213e28365d6
-
SHA256
c00c1b9d8ee35ee24778898f6f65670d2bef7b3f0331b64fad6b4d5081bf883e
-
SHA512
cce333193badc92561446f6f62202cf5f12d55e23c0690cf380b73570ec72e21d04ba1360521b16bc73cfa2503ea0b035f75ea08af881dc979017e351dbd4104
-
SSDEEP
3072:R2Iz9CI8mUOtDDPwLkBLXLDFkKmvzXBpLHYmmO1QezRd7UcPa1xMjM7Q:Rjz9X8mXGUXVPmr9mOzRd7UcPKoM0
Score8/10-
Blocklisted process makes network request
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Pre-OS Boot
1Bootkit
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1