Emulating NotPetya bootloader with Miasm |
Tags
Common Information
| Type | Value |
|---|---|
| UUID | ae36a97b-eeb4-4527-9da0-68f022d91f97 |
| Fingerprint | 97839911e421a3e1 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Aug. 29, 2020, midnight |
| Added to db | Sept. 26, 2022, 9:30 a.m. |
| Last updated | Nov. 17, 2024, 7:44 p.m. |
| Headline | Emulating NotPetya bootloader with Miasm |
| Title | Emulating NotPetya bootloader with Miasm | |
| Detected Hints/Tags/Attributes | 80/2/35 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://aguinet.github.io//blog/2020/08/29/miasm-bootloader.html |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 4127 | github.com |
|
| Details | Domain | 138 | setup.py |
|
| Details | Domain | 1 | jitter.cpu.si |
|
| Details | Domain | 1 | hd.read |
|
| Details | Domain | 1 | jitter.cpu.cf |
|
| Details | Domain | 1 | jitter.cpu.ax |
|
| Details | Domain | 1 | hd0.read |
|
| Details | Domain | 1 | emulate-mbr.py |
|
| Details | Domain | 2 | machine.mn |
|
| Details | Domain | 1 | jitter.cpu.ss |
|
| Details | Domain | 1 | shasaurabh.blogspot.fr |
|
| Details | Domain | 3 | www.sstic.org |
|
| Details | Domain | 281 | docs.microsoft.com |
|
| Details | File | 70 | e.doc |
|
| Details | File | 144 | requirements.txt |
|
| Details | File | 127 | setup.py |
|
| Details | File | 1 | emulate_mbr.py |
|
| Details | File | 1 | mydisk.vmdk |
|
| Details | File | 1 | mydisk.raw |
|
| Details | File | 2 | disk.raw |
|
| Details | File | 1 | async_kb.py |
|
| Details | File | 1 | jitter.ini |
|
| Details | File | 1 | emulate-mbr.py |
|
| Details | File | 1 | asmblock.asm |
|
| Details | File | 1 | debugging-mbr-ida-pro-and-bochs-emulator.html |
|
| Details | File | 1 | sstic2011-article-attaques_dma_peer-to-peer_et_contremesures-lone-sang_duflot_nicomette_deswarte.pdf |
|
| Details | Github username | 2 | aguinet |
|
| Details | Github username | 5 | cea-sec |
|
| Details | Url | 1 | https://github.com/aguinet/miasm-bootloader/. |
|
| Details | Url | 3 | https://github.com/cea-sec/miasm |
|
| Details | Url | 1 | https://shasaurabh.blogspot.fr/2017/07/debugging-mbr-ida-pro-and-bochs-emulator.html |
|
| Details | Url | 1 | https://www.sstic.org/2012/presentation/miasm_framework_de_reverse_engineering |
|
| Details | Url | 1 | https://docs.microsoft.com/en-us/windows/wsl/install-win10 |
|
| Details | Url | 1 | https://www.sstic.org/media/sstic2011/sstic-actes/attaques_dma_peer-to-peer_et_contremesures/sstic2011-article-attaques_dma_peer-to-peer_et_contremesures-lone-sang_duflot_nicomette_deswarte.pdf |
|
| Details | Url | 3 | https://www.crowdstrike.com/blog/petrwrap-ransomware-technical-analysis-triple-threat-file-encryption-mft-encryption-credential-theft |