Overview

overview

8

Static

static

8

0060e65cb2...de.exe

windows7_x64

6

0060e65cb2...de.exe

windows10-2004_x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0060e65cb2d97ad21bf8b2417fad0486d3950c3d10e6107f15166564758eb3de

  • Size

    241KB

  • Sample

    220516-yw7pnsfcc9

  • MD5

    4acac9b0996f24e933283f143de64875

  • SHA1

    44043a89159372246ea8b7be18d42236e0eafb2c

  • SHA256

    0060e65cb2d97ad21bf8b2417fad0486d3950c3d10e6107f15166564758eb3de

  • SHA512

    29cd35ff71caae73866e293ed8ba2f7ac4127929587f74608d52897cafd88bec572453fa3ded336e6c17ff3cf21d6bf5edf6eb1ce21c917c8a9e776380197d91

Score
8/10
bootkitpersistenceupx

Malware Config

Targets

    • Target

      0060e65cb2d97ad21bf8b2417fad0486d3950c3d10e6107f15166564758eb3de

    • Size

      241KB

    • MD5

      4acac9b0996f24e933283f143de64875

    • SHA1

      44043a89159372246ea8b7be18d42236e0eafb2c

    • SHA256

      0060e65cb2d97ad21bf8b2417fad0486d3950c3d10e6107f15166564758eb3de

    • SHA512

      29cd35ff71caae73866e293ed8ba2f7ac4127929587f74608d52897cafd88bec572453fa3ded336e6c17ff3cf21d6bf5edf6eb1ce21c917c8a9e776380197d91

    Score
    6/10
    bootkitpersistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

1
T1067

Privilege Escalation

Defense Evasion

Install Root Certificate

1
T1130

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks