General
-
Target
40a1e70848921bb654ed081a44c7c107b4b1c09bc0c3c54f92c256e63bc042cc
-
Size
94KB
-
Sample
250701-j251psdq8x
-
MD5
e0b9343754afb6d9ef3e513810a30d51
-
SHA1
cf442171c7abcc844da00e628ce38651b01e1c90
-
SHA256
40a1e70848921bb654ed081a44c7c107b4b1c09bc0c3c54f92c256e63bc042cc
-
SHA512
591ba0b3704ace220a614a8319f3a5ad626a62af898da3a79330c66e7aa15f0b700547397bf99e5026546e916d86322cd33985f62ec72b4e54b52f1827259e00
-
SSDEEP
1536:vRiAXaKD5gxzmwYEM/D3ozc4I8JboecWtX4u:piAXaKDeKNnD36cb8tIu
Static task
static1
Behavioral task
behavioral1
Sample
40a1e70848921bb654ed081a44c7c107b4b1c09bc0c3c54f92c256e63bc042cc.exe
Resource
win10v2004-20250502-en
Malware Config
Targets
-
-
Target
40a1e70848921bb654ed081a44c7c107b4b1c09bc0c3c54f92c256e63bc042cc
-
Size
94KB
-
MD5
e0b9343754afb6d9ef3e513810a30d51
-
SHA1
cf442171c7abcc844da00e628ce38651b01e1c90
-
SHA256
40a1e70848921bb654ed081a44c7c107b4b1c09bc0c3c54f92c256e63bc042cc
-
SHA512
591ba0b3704ace220a614a8319f3a5ad626a62af898da3a79330c66e7aa15f0b700547397bf99e5026546e916d86322cd33985f62ec72b4e54b52f1827259e00
-
SSDEEP
1536:vRiAXaKD5gxzmwYEM/D3ozc4I8JboecWtX4u:piAXaKDeKNnD36cb8tIu
Score8/10-
Blocklisted process makes network request
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
MITRE ATT&CK Enterprise v16
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Pre-OS Boot
1Bootkit
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1