General
Target
f135531a4e85ab7a26c8baebd2d645c5949469fce76616c1477555e6fe61a795N
Size
152KB
Sample
241111-wjvhgatald
MD5
950dbd9741ed5ef2a9304a0b86180c60
SHA1
bc4ab3cb7292f1060839284b26666813968a97ed
SHA256
f135531a4e85ab7a26c8baebd2d645c5949469fce76616c1477555e6fe61a795
SHA512
b1e6909cf61828aaaa41335ea6dd7ab8dacf49275cc1d3e24c69bb7f67fd61247cb7153d71fa8f4224698bbaa290dd760faec5cf533c9cdf0444fdb50bf6c927
SSDEEP
3072:+Xyxum6XqmeJtY/VSSmZ1QAT25omGiDTKWb95C51jnWb1VOZ47vm2E+RLxwJD:+ixr5bVSmfQg25zvDTfb95ajs1VO67C
Static task
static1
Behavioral task
behavioral1
Sample
f135531a4e85ab7a26c8baebd2d645c5949469fce76616c1477555e6fe61a795N.dll
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
f135531a4e85ab7a26c8baebd2d645c5949469fce76616c1477555e6fe61a795N.dll
Resource
win10v2004-20241007-en
Malware Config
Targets
Target
f135531a4e85ab7a26c8baebd2d645c5949469fce76616c1477555e6fe61a795N
Score
8/10
Blocklisted process makes network request
Adds Run key to start application
Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
  Pre-OS Boot (1)
    Bootkit (1)
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
Credential Access
  Credentials from Password Stores (1)
    Credentials from Web Browsers (1)
  Unsecured Credentials (1)
    Credentials In Files (1)