Overview

overview

6

Static

static

1.bat

windows7_x64

1

1.bat

windows10-2004_x64

1

AFUEFI.exe

windows7_x64

1

AFUEFI.exe

windows10-2004_x64

1

HPUSBFW/DOS/CO...ND.com

windows7_x64

1

HPUSBFW/DOS/CO...ND.com

windows10-2004_x64

1

制作纯DOS...ND.com

windows7_x64

1

制作纯DOS...ND.com

windows10-2004_x64

1

制作纯DOS...20.exe

windows7_x64

6

制作纯DOS...20.exe

windows10-2004_x64

6

制作纯DOS...OS.exe

windows7_x64

1

制作纯DOS...OS.exe

windows10-2004_x64

1

制作纯DOS...10.bat

windows7_x64

1

制作纯DOS...10.bat

windows10-2004_x64

1

HPUSBFW/DOS1/...20.exe

windows7_x64

6

HPUSBFW/DOS1/...20.exe

windows10-2004_x64

6

HPUSBFW/DOS1/...OS.exe

windows7_x64

1

HPUSBFW/DOS1/...OS.exe

windows10-2004_x64

1

HPUSBFW/DOS1/...10.bat

windows7_x64

1

HPUSBFW/DOS1/...10.bat

windows10-2004_x64

1

HPUSBFW/HPUSBFW.exe

windows7_x64

3

HPUSBFW/HPUSBFW.exe

windows10-2004_x64

3

manual.docx

windows7_x64

4

manual.docx

windows10-2004_x64

1
General
Target

c53cdca62beef131773c4dac2201ada2bd7e3ee2670be7a891ad382e2aa8a030

Size

7MB

Sample

220520-dhtknshegl

Score
6/10
MD5

3be0c5999c106fc87718e30c03337f5c

SHA1

78b41358b27b6401badb5af5825e318d8368a78b

SHA256

c53cdca62beef131773c4dac2201ada2bd7e3ee2670be7a891ad382e2aa8a030

SHA512

623c01fa1a60e7d85abfcf6456a85ebc9132851cdb50aa8991c6dce697875512f01c8bd9369ad7f5ee2e0309435a12f52201d2b8fbebc558f67dd9d4cd408c64

Malware Config
Targets
Target

1.BAT

MD5

4e412f918f635a8eb8dbf85c1fc8d14c

Filesize

31B

Score
1/10
SHA1

1675787e9a46bb6c0039f4a10a17421214fe11b0

SHA256

170a25c0a51c76a49868467844f87490e87e9ba0e8ae0e2ec65e3af343a25f2e

SHA512

6d22e86b75289c67dba95c2a42e54d531e325719f8a0233e1971e64c119b4c64652e2051d48f5ad8580e097bdcfa821c02fc3ac80d90a1ee8243dd21d9e28ee2

Related Tasks

behavioral1behavioral2
Target

AFUEFI.exe

MD5

27c60d9a6bc43f227e1e620759dc2529

Filesize

184KB

Score
1/10
SHA1

926d1200c5cea5eb5e73b78506d8005ee177fff1

SHA256

83ceb9388256b66eee86b0673bfcb52cb91448d30cc1398716d1b5da94cbeb62

SHA512

474ab12aa476e4ec0a8364dbc37db40367f31cc1601745445291b642f8b89de0a67624c4b1fcae1be5d1d46d1112969deb6fb4e4d62b99689df9c0d34aad57d9

Related Tasks

behavioral3behavioral4
Target

HPUSBFW/DOS/COMMAND.COM

MD5

17c1021dd38323dd3a558e334dc7aaf2

Filesize

92KB

Score
1/10
SHA1

13fa1e00940a541c61d5f53c8ba9fb689595f6a3

SHA256

931d25c31d04d61bb44394eeed1f64d4278d764a9eb7da4edf683d6893cb7006

SHA512

9787d6f07eab719aa6ec919519d770755282aa196bf998d8e98f7d735e965228c7d94f6800b56dc0737babc5749312cdc899886ea73b6bf055d4f1fb3018f5ec

Related Tasks

behavioral5behavioral6
Target

制作纯DOS启动U盘刷新BIOS/DOS/COMMAND.COM

MD5

17c1021dd38323dd3a558e334dc7aaf2

Filesize

92KB

Score
1/10
SHA1

13fa1e00940a541c61d5f53c8ba9fb689595f6a3

SHA256

931d25c31d04d61bb44394eeed1f64d4278d764a9eb7da4edf683d6893cb7006

SHA512

9787d6f07eab719aa6ec919519d770755282aa196bf998d8e98f7d735e965228c7d94f6800b56dc0737babc5749312cdc899886ea73b6bf055d4f1fb3018f5ec

Related Tasks

behavioral7behavioral8
Target

制作纯DOS启动U盘刷新BIOS/HP优盘格式化工具HPUSBFW 2.20.exe

MD5

f109b8ed3b703f7765eb7e1bc6975d29

Filesize

96KB

Score
6/10
SHA1

05753b015d84d236e36c3aef40d9d22add05bf72

SHA256

3e01af95f9b5b1b939b64241613fd91b2a738f66c5d1173df24e9e74faf1fc5e

SHA512

580497f012a0045eb678373e53f6aad6709786e3aaf74a558384574edcd7c544152f9197264ba2c60c4d02c4dd8ce4e978291ae7ee9477ffaccb2b162d34dc1a

Tags

Signatures

  • Maps connected drives based on registry

    Description

    Disk information is often read in order to detect sandboxing environments.

    TTPs

    Query RegistryPeripheral Device DiscoverySystem Information Discovery

  • Writes to the Master Boot Record (MBR)

    Description

    Bootkits write to the MBR to gain persistence at a level below the operating system.

    Tags

    TTPs

    Bootkit

Related Tasks

behavioral9behavioral10
Target

制作纯DOS启动U盘刷新BIOS/af10_bios/AFUDOS.exe

MD5

26a7e328e3857c4bfa10a64f96f8ae09

Filesize

180KB

Score
1/10
SHA1

c20c21b676e2197d3b9b46e4caa18e0cf6a95ef6

SHA256

14aa11ca54970a7b8fff6b659e6a8ab95fe7c29d0fcb812fe9d5cc57ae02cc9f

SHA512

ccf9bce5275a61de5d0a2bd41766d49c4f7bdbcf7e2b0bfd644c57b96d800d12e7411e1da73cd8653c041b5b0b8b49ee88914c709ca97d6f715a9372637e9693

Related Tasks

behavioral11behavioral12
Target

制作纯DOS启动U盘刷新BIOS/af10_bios/af10.bat

MD5

9b5ed50e42ffd28d2726ad29d3ba77e5

Filesize

36B

Score
1/10
SHA1

a99bd33e4e669eb6f051121be2322d992a1a8683

SHA256

c5459799cb767e154c8ac4813f8d8560645f9ec484c6bc67200cd66c5bc6760d

SHA512

570f8da4e2a8266fad628e247a9a0405bed9aba10ee1d5fe10d2829a03ab256265f821101177ac2ae19b0e0138aeefbfe66ce7b98b2c0940e869005e875fb8f2

Related Tasks

behavioral13behavioral14
Target

HPUSBFW/DOS1/制作纯DOS启动U盘刷新BIOS/HP优盘格式化工具HPUSBFW 2.20.exe

MD5

f109b8ed3b703f7765eb7e1bc6975d29

Filesize

96KB

Score
6/10
SHA1

05753b015d84d236e36c3aef40d9d22add05bf72

SHA256

3e01af95f9b5b1b939b64241613fd91b2a738f66c5d1173df24e9e74faf1fc5e

SHA512

580497f012a0045eb678373e53f6aad6709786e3aaf74a558384574edcd7c544152f9197264ba2c60c4d02c4dd8ce4e978291ae7ee9477ffaccb2b162d34dc1a

Tags

Signatures

  • Maps connected drives based on registry

    Description

    Disk information is often read in order to detect sandboxing environments.

    TTPs

    Query RegistryPeripheral Device DiscoverySystem Information Discovery

  • Writes to the Master Boot Record (MBR)

    Description

    Bootkits write to the MBR to gain persistence at a level below the operating system.

    Tags

    TTPs

    Bootkit

Related Tasks

behavioral15behavioral16
Target

HPUSBFW/DOS1/制作纯DOS启动U盘刷新BIOS/af10_bios/AFUDOS.exe

MD5

26a7e328e3857c4bfa10a64f96f8ae09

Filesize

180KB

Score
1/10
SHA1

c20c21b676e2197d3b9b46e4caa18e0cf6a95ef6

SHA256

14aa11ca54970a7b8fff6b659e6a8ab95fe7c29d0fcb812fe9d5cc57ae02cc9f

SHA512

ccf9bce5275a61de5d0a2bd41766d49c4f7bdbcf7e2b0bfd644c57b96d800d12e7411e1da73cd8653c041b5b0b8b49ee88914c709ca97d6f715a9372637e9693

Related Tasks

behavioral17behavioral18
Target

HPUSBFW/DOS1/制作纯DOS启动U盘刷新BIOS/af10_bios/af10.bat

MD5

9b5ed50e42ffd28d2726ad29d3ba77e5

Filesize

36B

Score
1/10
SHA1

a99bd33e4e669eb6f051121be2322d992a1a8683

SHA256

c5459799cb767e154c8ac4813f8d8560645f9ec484c6bc67200cd66c5bc6760d

SHA512

570f8da4e2a8266fad628e247a9a0405bed9aba10ee1d5fe10d2829a03ab256265f821101177ac2ae19b0e0138aeefbfe66ce7b98b2c0940e869005e875fb8f2

Related Tasks

behavioral19behavioral20
Target

HPUSBFW/HPUSBFW.exe

MD5

70bfc665ab6518b4981a328837343f00

Filesize

132KB

Score
3/10
SHA1

d6d0e7b956f82e6bf793488e6c789a7d0dc86e1d

SHA256

5ed8d7188bcce496f545b044269e30955982b6cdf7fdb59779254a2c04394d09

SHA512

7ee22250758925ede7834c3b1fe9db7facac6a60ad7da2666b1fe82027faab0da31614e8f53eb71d9c3d7eab71d558aa5d703a8143611ed5d2012f92c50baefe

Related Tasks

behavioral21behavioral22
Target

manual.docx

MD5

48f9b5e18c5f9cc30e78de66950710a6

Filesize

512KB

Score
4/10
SHA1

e286e4644c2f0ead02f499ca50f672f232ed003b

SHA256

b2762afba9d5e982cd8f131b21ed03e01b89363406217f0f819adfaccca108bb

SHA512

e904fe44d1a257ece21d625848c7c184e16c8ee452fe3bc3c834e74eedc2941f34082551af697bc7e89d30734d53131c5c50bf1c94080851c3568e7fc253b513

Related Tasks

behavioral23behavioral24
MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
        Discovery
        Execution
          Exfiltration
            Impact
              Initial Access
                Lateral Movement
                  Persistence
                  Privilege Escalation
                    Tasks

                    static1

                    Score
                    N/A

                    behavioral1

                    Score
                    1/10

                    behavioral2

                    Score
                    1/10

                    behavioral3

                    Score
                    1/10

                    behavioral4

                    Score
                    1/10

                    behavioral5

                    Score
                    1/10

                    behavioral6

                    Score
                    1/10

                    behavioral7

                    Score
                    1/10

                    behavioral8

                    Score
                    1/10

                    behavioral9

                    Score
                    6/10

                    behavioral10

                    Score
                    6/10

                    behavioral11

                    Score
                    1/10

                    behavioral12

                    Score
                    1/10

                    behavioral13

                    Score
                    1/10

                    behavioral14

                    Score
                    1/10

                    behavioral15

                    Score
                    6/10

                    behavioral16

                    Score
                    6/10

                    behavioral17

                    Score
                    1/10

                    behavioral18

                    Score
                    1/10

                    behavioral19

                    Score
                    1/10

                    behavioral20

                    Score
                    1/10

                    behavioral21

                    Score
                    3/10

                    behavioral22

                    Score
                    3/10

                    behavioral23

                    Score
                    4/10

                    behavioral24

                    Score
                    1/10