General
-
Target
GoDm.zip
-
Size
7.7MB
-
Sample
250201-yzt8razpaq
-
MD5
ce486f16b14240fa3c9da7dbf0883e35
-
SHA1
9b2843811b7cee87138a675dead3d891a48b9be9
-
SHA256
41f5035bd0070cd9b240d684e1b055d9d76140ab53196cac1a6172b9490a3063
-
SHA512
fe35664b3fb8c1e4cee9a56b5f2c0963a55ffdfebe4b619c4070c70d6c6a316b08f410b1519cf3774762b28c5d3bd8895e831caedee89fba9ed961c02648e4ff
-
SSDEEP
196608:EwW+LSbSSxaqah9Qo1bcBtC9cm2PQsZyCveLMRMg1fiH:A+mRwP91aE2PQsYCmMF6H
Malware Config
Targets
-
-
Target
GoDm.zip
-
Size
7.7MB
-
MD5
ce486f16b14240fa3c9da7dbf0883e35
-
SHA1
9b2843811b7cee87138a675dead3d891a48b9be9
-
SHA256
41f5035bd0070cd9b240d684e1b055d9d76140ab53196cac1a6172b9490a3063
-
SHA512
fe35664b3fb8c1e4cee9a56b5f2c0963a55ffdfebe4b619c4070c70d6c6a316b08f410b1519cf3774762b28c5d3bd8895e831caedee89fba9ed961c02648e4ff
-
SSDEEP
196608:EwW+LSbSSxaqah9Qo1bcBtC9cm2PQsZyCveLMRMg1fiH:A+mRwP91aE2PQsYCmMF6H
Score8/10-
Downloads MZ/PE file
-
Event Triggered Execution: Image File Execution Options Injection
-
Executes dropped EXE
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Sets desktop wallpaper using registry
-
MITRE ATT&CK Enterprise v15
Persistence
Event Triggered Execution
1Image File Execution Options Injection
1Pre-OS Boot
1Bootkit
1Privilege Escalation
Event Triggered Execution
1Image File Execution Options Injection
1Defense Evasion
Modify Registry
1Pre-OS Boot
1Bootkit
1Subvert Trust Controls
1SIP and Trust Provider Hijacking
1