aea7df55e5b6c953134e54023245349bbb59a7d8952c0ee49f7f19d5cc941f55 | Triage

Submit
Reports

Overview

overview

8

Static

static

8

内部工�...��.exe

windows7_x64

6

内部工�...��.exe

windows10_x64

6

Sharing

General

Target

内部工具箱【泄露】.exe
Size

6.4MB
Sample

210218-q2dxwge9ss
MD5

056c1c5f7c2b569f1df1d050cf7fee7d
SHA1

731c9c8ebe3a24d4767509cc316d11a6e9979d01
SHA256

aea7df55e5b6c953134e54023245349bbb59a7d8952c0ee49f7f19d5cc941f55
SHA512

3ba7f7702c7891c1fd27723cbc33c8804452398c9cce0872f36aaf29c2bbd7b2fb80e26d4b71bac5779bc5bf9317c6e3fa93f4aafc7600fa0208cbce8b7caac8

Score

8^/10

bootkit persistence vmprotect

Static task

static1

Behavioral task

behavioral1

Sample

内部工具箱【泄露】.exe

Resource

win7v20201028

bootkit persistence

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

内部工具箱【泄露】.exe

Resource

win10v20201028

bootkit persistence

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  内部工具箱【泄露】.exe
- Size
  
  6.4MB
- MD5
  
  056c1c5f7c2b569f1df1d050cf7fee7d
- SHA1
  
  731c9c8ebe3a24d4767509cc316d11a6e9979d01
- SHA256
  
  aea7df55e5b6c953134e54023245349bbb59a7d8952c0ee49f7f19d5cc941f55
- SHA512
  
  3ba7f7702c7891c1fd27723cbc33c8804452398c9cce0872f36aaf29c2bbd7b2fb80e26d4b71bac5779bc5bf9317c6e3fa93f4aafc7600fa0208cbce8b7caac8
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence

© 2018-2024

Terms | Privacy