General

  • Target

    6f027721fac7f46a5d3fa040232f4bff2cf5e710727dbc9bcea8525451f4467e.bin

  • Size

    1.9MB

  • Sample

    210409-mmv9v1xtpj

  • MD5

    0e8151ff96973f171d6a7f4b1c2a6376

  • SHA1

    bae2a016ac6124dcf5c96d437fd681219dd4bbfa

  • SHA256

    6f027721fac7f46a5d3fa040232f4bff2cf5e710727dbc9bcea8525451f4467e

  • SHA512

    46035b471b730a3f34dd7ca0baf05a40d7ffa88193ef574d30089c53bd9d29044de15874c5f8007868214fb251c36176886a8a923dbf4e4dee7cb2987a379dc1

Targets

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Executes dropped EXE

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Matrix (ATT&CK v6)

  • Persistence

    Bootkit, T1067 (1)

  • Discovery

    Query Registry, T1012 (2)

    System Information Discovery, T1082 (3)

    Peripheral Device Discovery, T1120 (1)