d8b47727ea05305ad396977b336c3bfc86ae122cdde01976fa9b0c3a7c2d3f24 | Triage

Submit
Reports

Overview

overview

8

Static

static

TvwMA57y.bat

windows7_x64

8

TvwMA57y.bat

windows10_x64

8

Sharing

General

Target

TvwMA57y.bat
Size

13KB
Sample

200708-4gjf5w81ls
MD5

44fbd58c401a7786da2e8b6a6291379e
SHA1

9dbfd08fa557d9dce79911eb4bbddb2008d4f53f
SHA256

d8b47727ea05305ad396977b336c3bfc86ae122cdde01976fa9b0c3a7c2d3f24
SHA512

c369f749ba3ef4e463524b3483c4250311c2a19414a49dc86c052cac9c9d0a3b05dbdbf71b854ccf6f46abc46e439f9264c7672e22a0c3004b7d679e26a56de3

Score

8^/10

bootkit persistence

Static task

static1

Behavioral task

behavioral1

Sample

TvwMA57y.bat

Resource

win7

bootkit persistence

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

TvwMA57y.bat

Resource

win10v200430

bootkit persistence

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  TvwMA57y.bat
- Size
  
  13KB
- MD5
  
  44fbd58c401a7786da2e8b6a6291379e
- SHA1
  
  9dbfd08fa557d9dce79911eb4bbddb2008d4f53f
- SHA256
  
  d8b47727ea05305ad396977b336c3bfc86ae122cdde01976fa9b0c3a7c2d3f24
- SHA512
  
  c369f749ba3ef4e463524b3483c4250311c2a19414a49dc86c052cac9c9d0a3b05dbdbf71b854ccf6f46abc46e439f9264c7672e22a0c3004b7d679e26a56de3
Score

8^/10

bootkit persistence
- Executes dropped EXE
- Loads dropped DLL
- JavaScript code in executable
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence

© 2018-2024

Terms | Privacy