Overview

overview

6

Static

static

c8d812a4a9...79.exe

windows7_x64

6

c8d812a4a9...79.exe

windows10_x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4769194801528832.zip

  • Size

    2.8MB

  • Sample

    210716-1sn235q15j

  • MD5

    d693438c9115362ffc9e99874cf20cc2

  • SHA1

    3a8c4f2279495015a7644672088ff1580349181e

  • SHA256

    dbfed511c8367ee64ad6f2d15a6de75bf5f0f911c848edf971d809a4ef81a872

  • SHA512

    3905db9a2741b421c7fc440bf191f09c3567355eb618a9a96c8209466664ab2553ad653c04722b12315ca7d0d705361298b51d3ed635f25ff3983ef1985c5e99

Score
6/10
bootkitpersistence

Malware Config

Targets

    • Target

      c8d812a4a9ec2752837025781d4b21ccb499f7323e7d4e5a1c4a25804c57a479

    • Size

      5.3MB

    • MD5

      8ef5332fdb6ef8626ba63cfcf716370f

    • SHA1

      482f1cd74f401a545a62a2f0bac89ee37f103627

    • SHA256

      c8d812a4a9ec2752837025781d4b21ccb499f7323e7d4e5a1c4a25804c57a479

    • SHA512

      451492c1f80828022a989ef4d77b79ad42736d23db150123cc21c5ffff6aebd3b78853399bd293d97cbeca2fc499bb15a7ccb5c6805e535214f0a23a75763c2e

    Score
    6/10
    bootkitpersistence

    • Legitimate hosting services abused for malware hosting/C2

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

1
T1067

Privilege Escalation

Defense Evasion

Install Root Certificate

1
T1130

Modify Registry

2
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks