Resubmissions

  • 02-12-2021 14:24: 211202-rq63mahffp, 8

  • 01-12-2021 20:11: 211201-yylj8aafh3, 8

General

  • Target

    Kanium.exe

  • Size

    62KB

  • Sample

    211201-yylj8aafh3

  • MD5

    9f443d030066321fee6205cd755323fc

  • SHA1

    d52a7a3d5bfd49b06625fe8f02b68db8bfebdb06

  • SHA256

    6b5558005465c5900a4596fd6456754330dc99f12ffb70cb43350549fe8d3d13

  • SHA512

    d9e9439bc93e4c56c301445192d82d073c9a75d88ba6771d8c982a35f1b6708e7ee06bfeb4b4dfe92ed2c9763864bb305cc6d22ad82a59828c102f50c4839857

Score
8/10

Malware Config

Targets

    • Executes dropped EXE

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Matrix ATT&CK v6

  • Persistence: Bootkit, 1, T1067

  • Discovery: System Information Discovery, 1, T1082

Tasks