General
Target

21dc7691541ed4ad6308edc5ea7d0fc002ff68e892193c7437ed1ca314bc8972

Size

4MB

Sample

220520-dlc24aehd4

Score

7/10

MD5

34092df3dd44fadac8390eb47557d5d5

SHA1

917f1c3c8b3e20624eae8233dadfe65f797b2afd

SHA256

21dc7691541ed4ad6308edc5ea7d0fc002ff68e892193c7437ed1ca314bc8972

SHA512

ea366391b69c8ea5a10318c37a1a0cc5acd1d193a102a07a052768fb157fbdc9f7ef99a3e0788c95426bbbcf81b8ae2c0ae2a7492d344a88cbbe0a4f968b3258

Targets
Target

Truck_Simulator_2_v1.30.0.12s__14_Trainer.exe

MD5

5e5cb405fe00fce0170ff03b6c27de65

Filesize

4MB

Score

7/10

SHA1

b71ba01901946acf3dd9c607b0ab744b9bb2d8b3

SHA256

5edbe1c8a1323e88fdf95f31c9f72bb25d1ea67e71ac532540c79cf9f25d838f

SHA512

272f1457cf8f843ca00281347fd25a29840e7711773dbd60e1b923df3f2040f7720cd17dfe5c5fc8262fe8e0e03fc0334ac9b99abe6dac8d193d214fb221dea0

Signatures

  • Checks BIOS information in registry

    Description

    BIOS information is often read in order to detect sandboxing environments.

    TTPs

    Query Registry, System Information Discovery

  • Writes to the Master Boot Record (MBR)

    Description

    Bootkits write to the MBR to gain persistence at a level below the operating system.

    TTPs

    Bootkit

MITRE ATT&CK Matrix

Collection, Command and Control, Credential Access, Defense Evasion, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

static1

Score

N/A

behavioral1

Score

7/10

behavioral2

Score

7/10