General
-
Target
842013367eac731dc484f8402d0a04333447c4bab5a391424fbef3f38fea91b9.exe
-
Size
215KB
-
Sample
241113-rrnbxawrgp
-
MD5
cbd59de7e431f0b273941a60e0f18d40
-
SHA1
67ac09f9f9512f2c337ce1615c341d1b2f4856c4
-
SHA256
842013367eac731dc484f8402d0a04333447c4bab5a391424fbef3f38fea91b9
-
SHA512
51a28e45bacd18c6e7b59cc44b9c54eb08cf4395e7a0e3d7f3d3ef519bd5518b3c15d63de1710d46b1ac5fb81ef4ae500b50f704a00cf806c0ecc46c4583aeda
-
SSDEEP
6144:uVtV0QPQCnSQsTEWYChnUnPJuHC3vcWYz:ubVQk1wnGACvc/
Static task
static1
Behavioral task
behavioral1
Sample
842013367eac731dc484f8402d0a04333447c4bab5a391424fbef3f38fea91b9.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
842013367eac731dc484f8402d0a04333447c4bab5a391424fbef3f38fea91b9.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
842013367eac731dc484f8402d0a04333447c4bab5a391424fbef3f38fea91b9.exe
-
Size
215KB
-
MD5
cbd59de7e431f0b273941a60e0f18d40
-
SHA1
67ac09f9f9512f2c337ce1615c341d1b2f4856c4
-
SHA256
842013367eac731dc484f8402d0a04333447c4bab5a391424fbef3f38fea91b9
-
SHA512
51a28e45bacd18c6e7b59cc44b9c54eb08cf4395e7a0e3d7f3d3ef519bd5518b3c15d63de1710d46b1ac5fb81ef4ae500b50f704a00cf806c0ecc46c4583aeda
-
SSDEEP
6144:uVtV0QPQCnSQsTEWYChnUnPJuHC3vcWYz:ubVQk1wnGACvc/
Score7/10-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Pre-OS Boot
1Bootkit
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1