General
-
Target
evidence_video2341.zip
-
Size
2.6MB
-
Sample
240630-r6c5gszbnd
-
MD5
784d7222bf678781df64a6db581c9bec
-
SHA1
0d34e85e30f39355031d91a56c394d376ccf0c1a
-
SHA256
9561417635a30fbbe4698c0b05010a246a448d746c4f43b08a16e2f40e4add3e
-
SHA512
c646fa4b775b1ca47a3eb3a9454ffbc6a4aca122de7c11b43e3a8e4658b7706e1bb4c51b0365d0c158b7f1d8f2813a46b0852415fd51fe8c12c734a1ecb25833
-
SSDEEP
49152:DZ5mifTI5c7Hf2ZEQ4cI6haCQQqxUbCNc3k9c/y4SicctRc:DXmift7W8cIMdQf/nC/yqDtK
Static task
static1
Behavioral task
behavioral1
Sample
click and enter passcode 2233 to read.msi
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
click and enter passcode 2233 to read.msi
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
click and enter passcode 2233 to read.msi
-
Size
2.9MB
-
MD5
9bf5705792f3552b1ad437d43a8fa82d
-
SHA1
b1f26e3897e3680bda1846af06ec8c9c529973c6
-
SHA256
79e7cb46bf71ab7ac1170e62e535ea41849299622b1f221d94d99f94ef392f10
-
SHA512
96bf18d557fbf6b7113a02be2243dad2bb0de46d0b3d8e8e2789f0694ba8998c8c0a8eb50ac478d78ad7eed3dd81458dc1a1d9fa04b7df5b9bb28a44a8eeb6ab
-
SSDEEP
49152:7+1Ypn4N2MGVv1zyIBWGppT9jnMHRjOOozjcqZJN8dUZTwYaH7oqPxMbY+K/tzQz:7+lUlz9FKbsodq0YaH7ZPxMb8tT
Score
8/10
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
Drops file in System32 directory
-