General
-
Target
Ana.exe
-
Size
2.1MB
-
Sample
241122-ayd85s1jav
-
MD5
f571faca510bffe809c76c1828d44523
-
SHA1
7a3ca1660f0a513316b8cd5496ac7dbe82f0e0c2
-
SHA256
117d7af0deb40b3fe532bb6cbe374884fa55ed7cfe053fe698720cdccb5a59cb
-
SHA512
a08bca2fb1387cc70b737520d566c7117aa3fdb9a52f5dbb0bb7be44630da7977882d8c808cbee843c8a180777b4ac5819e8bafda6b2c883e380dc7fb5358a51
-
SSDEEP
49152:OwVYlfBUDiZx8Fa/Q0NuB3btlnCItWNSwoy:OxPUDQmso0NuBZlnCItM
Static task
static1
Behavioral task
behavioral1
Sample
Ana.exe
Resource
win10ltsc2021-20241023-en
Malware Config
Targets
-
-
Target
Ana.exe
-
Size
2.1MB
-
MD5
f571faca510bffe809c76c1828d44523
-
SHA1
7a3ca1660f0a513316b8cd5496ac7dbe82f0e0c2
-
SHA256
117d7af0deb40b3fe532bb6cbe374884fa55ed7cfe053fe698720cdccb5a59cb
-
SHA512
a08bca2fb1387cc70b737520d566c7117aa3fdb9a52f5dbb0bb7be44630da7977882d8c808cbee843c8a180777b4ac5819e8bafda6b2c883e380dc7fb5358a51
-
SSDEEP
49152:OwVYlfBUDiZx8Fa/Q0NuB3btlnCItWNSwoy:OxPUDQmso0NuBZlnCItM
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Indicator Removal
1File Deletion
1Modify Registry
1Pre-OS Boot
1Bootkit
1Subvert Trust Controls
1Install Root Certificate
1