Overview

overview

7

Static

static

ea80a4e9ff...5d.exe

windows7_x64

7

ea80a4e9ff...5d.exe

windows10-2004_x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ea80a4e9ff8cbac61bab3c8b1ec23c2e0ef8408439446de1efff04f4e3fee55d

  • Size

    2.8MB

  • Sample

    220520-fdzx1aaee5

  • MD5

    7c59b7e996ff2c53ff916e7ae9208618

  • SHA1

    8dd9b9b17ec3759c430346bfc961d79d1e32b2a2

  • SHA256

    ea80a4e9ff8cbac61bab3c8b1ec23c2e0ef8408439446de1efff04f4e3fee55d

  • SHA512

    3d3d8d8d9edf5f08c6ab041677f47b7ee8fb04f3f819bd3872f522bb713440e173354d9e16a780bd0d4867cb78edfaab47da73423338a547e1ff36724c3f94a0

Score
7/10
bootkitpersistence

Malware Config

Targets

    • Target

      ea80a4e9ff8cbac61bab3c8b1ec23c2e0ef8408439446de1efff04f4e3fee55d

    • Size

      2.8MB

    • MD5

      7c59b7e996ff2c53ff916e7ae9208618

    • SHA1

      8dd9b9b17ec3759c430346bfc961d79d1e32b2a2

    • SHA256

      ea80a4e9ff8cbac61bab3c8b1ec23c2e0ef8408439446de1efff04f4e3fee55d

    • SHA512

      3d3d8d8d9edf5f08c6ab041677f47b7ee8fb04f3f819bd3872f522bb713440e173354d9e16a780bd0d4867cb78edfaab47da73423338a547e1ff36724c3f94a0

    Score
    7/10
    bootkitpersistence

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

1
T1067

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

3
T1012

System Information Discovery

3
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks