General
Target

7e601a2c0019e9d902c025e0333d28024dadceb5e602009801910d660bef589a

Size

3MB

Sample

220520-eavnfagch7

Score

6/10

MD5

c30179e55fcf60c959ffca431511cea5

SHA1

a1e8c2386b5dd07b462ca63ab7d97814c5cdef1c

SHA256

7e601a2c0019e9d902c025e0333d28024dadceb5e602009801910d660bef589a

SHA512

64b15854b785512cb188dc4116d25845c09209680cca87643164852a799c0d3ef4bb7bcaedd6bf2d890da567e860c468316c68e4be05b21f52569c0d5904108c

Signatures

  • Adds Run key to start application

    TTPs

    Registry Run Keys / Startup Folder, Modify Registry
  • Enumerates connected drives

    Description

    Attempts to read the root path of hard drives other than the default C: drive.

    TTPs

    Query Registry, Peripheral Device Discovery, System Information Discovery
  • Writes to the Master Boot Record (MBR)

    Description

    Bootkits write to the MBR to gain persistence at a level below the operating system.

    TTPs

    Bootkit

Tasks

static1

Score

N/A

behavioral1

Score

6/10

behavioral2

Score

6/10