Malware sandboxing report by Hatching Triage

Target

7e601a2c0019e9d902c025e0333d28024dadceb5e602009801910d660bef589a

Size

3MB

Sample

220520-eavnfagch7

Score

6^/10

MD5

c30179e55fcf60c959ffca431511cea5

SHA1

a1e8c2386b5dd07b462ca63ab7d97814c5cdef1c

SHA256

7e601a2c0019e9d902c025e0333d28024dadceb5e602009801910d660bef589a

SHA512

64b15854b785512cb188dc4116d25845c09209680cca87643164852a799c0d3ef4bb7bcaedd6bf2d890da567e860c468316c68e4be05b21f52569c0d5904108c

Target

7e601a2c0019e9d902c025e0333d28024dadceb5e602009801910d660bef589a

MD5

c30179e55fcf60c959ffca431511cea5

Filesize

3MB

Score

6^/10

SHA1

a1e8c2386b5dd07b462ca63ab7d97814c5cdef1c

SHA256

7e601a2c0019e9d902c025e0333d28024dadceb5e602009801910d660bef589a

SHA512

64b15854b785512cb188dc4116d25845c09209680cca87643164852a799c0d3ef4bb7bcaedd6bf2d890da567e860c468316c68e4be05b21f52569c0d5904108c

Signatures

Adds Run key to start application
Tags

persistence

TTPs

Registry Run Keys / Startup FolderModify Registry
Enumerates connected drives
Description

Attempts to read the root path of hard drives other than the default C: drive.
TTPs

Query RegistryPeripheral Device DiscoverySystem Information Discovery
Writes to the Master Boot Record (MBR)
Description

Bootkits write to the MBR to gain persistence at a level below the operating system.
Tags

bootkit persistence

TTPs

Bootkit

Related Tasks

behavioral1 behavioral2

Collection

Command and Control

Credential Access

Defense Evasion

Modify Registry

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

static1

Score

N/A

behavioral1

bootkit persistence

Score

6^/10

behavioral2

bootkit persistence

Score

6^/10

Tags

Signatures

Adds Run key to start application

Tags

TTPs

Enumerates connected drives

Description

TTPs

Writes to the Master Boot Record (MBR)

Description

Tags

TTPs

Related Tasks

static1

behavioral1

behavioral2