cf1c009fb3dfc12623d83b513e5bab0e98108a00d507ec3d5cac44386f4f4368 | Triage

Submit
Reports

Overview

overview

8

Static

static

3

Dependency...re.dll

windows10-1703-x64

8

Dependency...re.dll

windows10-2004-x64

1

Sharing

General

Target

DependencyPropertyGenerator.Core.dll
Size

40KB
Sample

240629-zd6kbsygpq
MD5

d9732473b12f627c54c5c71849f99e19
SHA1

1fb1e2f5a4518571f7824001f6fa39def92c8df4
SHA256

cf1c009fb3dfc12623d83b513e5bab0e98108a00d507ec3d5cac44386f4f4368
SHA512

51e604128522429635cfc8af582b437f9d4642ce23f8b1a7167d770a0dc7ff0865b6f19e0d13d0870dc5ec41715961c18522639ecd7bad92eb646418da40fe6c
SSDEEP

768:Nx6IpmUNGrcwq6dfMqUxgnT6OEwsyG8mAJgvf4Fq6prG:SGmUNsJMq/VdmAJ24Eky

Score

8^/10

bootkit persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

DependencyPropertyGenerator.Core.dll

Resource

win10-20240404-en

bootkit persistence

windows10-1703-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

DependencyPropertyGenerator.Core.dll

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  DependencyPropertyGenerator.Core.dll
- Size
  
  40KB
- MD5
  
  d9732473b12f627c54c5c71849f99e19
- SHA1
  
  1fb1e2f5a4518571f7824001f6fa39def92c8df4
- SHA256
  
  cf1c009fb3dfc12623d83b513e5bab0e98108a00d507ec3d5cac44386f4f4368
- SHA512
  
  51e604128522429635cfc8af582b437f9d4642ce23f8b1a7167d770a0dc7ff0865b6f19e0d13d0870dc5ec41715961c18522639ecd7bad92eb646418da40fe6c
- SSDEEP
  
  768:Nx6IpmUNGrcwq6dfMqUxgnT6OEwsyG8mAJgvf4Fq6prG:SGmUNsJMq/VdmAJ24Eky
Score

8^/10

bootkit persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

© 2018-2024

Terms | Privacy