General

  • Target

    half_life.exe

  • Size

    211.8MB

  • Sample

    241016-a6z6ksydmk

  • MD5

    45d9c4c6b968ce13638341b90e5bb217

  • SHA1

    e57fa91f722ebb47bf579293e127a18bf4f322ba

  • SHA256

    1f9c874e4a29b220c5f79ff9bf2f75f8b247336d617eae4ffe7c41695a9981ce

  • SHA512

    5627b5ef253f79ebb24efdb627a453891f1a6cc37d65fd16caabbb2bbf1e39bbae08d669385f20d3204611a402b2a1c0edc700bae200e406dba7896fca35d6d4

  • SSDEEP

    6291456:JQNRndLsUw9DLwXMIpNvI6D/sMMTgFC4UqkoxrOK:JcndLpiD0FpNvB/sMMsSdov

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
