General
-
Target
9d2cafbe46bd7245f8a0cb66851cd3a4a94b254cee0ac78dc0ff165328387521
-
Size
2.3MB
-
Sample
241031-26yrasspf1
-
MD5
d694887a2736e63564f97e3414241a29
-
SHA1
f3636ddcd493fea4feafff03571f5e88ec8054eb
-
SHA256
9d2cafbe46bd7245f8a0cb66851cd3a4a94b254cee0ac78dc0ff165328387521
-
SHA512
abbe77fbfca32676913d745ece4f059559849955897ebce937732561469bb7ed411acaaf0a1307c83c772d558b956462e16628ddfbf2bb6ee5a13a3ce5769ccc
-
SSDEEP
49152:h9895d76suD+XFA+5aa5i50PYDwyt64fQyHbbf08xwmaQFur:h9IvesuDRna5JPYGy7bMpL
Static task
static1
Behavioral task
behavioral1
Sample
9d2cafbe46bd7245f8a0cb66851cd3a4a94b254cee0ac78dc0ff165328387521.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
9d2cafbe46bd7245f8a0cb66851cd3a4a94b254cee0ac78dc0ff165328387521.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
9d2cafbe46bd7245f8a0cb66851cd3a4a94b254cee0ac78dc0ff165328387521
-
Size
2.3MB
-
MD5
d694887a2736e63564f97e3414241a29
-
SHA1
f3636ddcd493fea4feafff03571f5e88ec8054eb
-
SHA256
9d2cafbe46bd7245f8a0cb66851cd3a4a94b254cee0ac78dc0ff165328387521
-
SHA512
abbe77fbfca32676913d745ece4f059559849955897ebce937732561469bb7ed411acaaf0a1307c83c772d558b956462e16628ddfbf2bb6ee5a13a3ce5769ccc
-
SSDEEP
49152:h9895d76suD+XFA+5aa5i50PYDwyt64fQyHbbf08xwmaQFur:h9IvesuDRna5JPYGy7bMpL
Score7/10-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Pre-OS Boot
1Bootkit
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Modify Registry
2Pre-OS Boot
1Bootkit
1Subvert Trust Controls
1Install Root Certificate
1