General
Target

ea80a4e9ff8cbac61bab3c8b1ec23c2e0ef8408439446de1efff04f4e3fee55d

Size

2MB

Sample

220520-fdzx1aaee5

Score
7/10
MD5

7c59b7e996ff2c53ff916e7ae9208618

SHA1

8dd9b9b17ec3759c430346bfc961d79d1e32b2a2

SHA256

ea80a4e9ff8cbac61bab3c8b1ec23c2e0ef8408439446de1efff04f4e3fee55d

SHA512

3d3d8d8d9edf5f08c6ab041677f47b7ee8fb04f3f819bd3872f522bb713440e173354d9e16a780bd0d4867cb78edfaab47da73423338a547e1ff36724c3f94a0

Malware Config
Targets
Target

ea80a4e9ff8cbac61bab3c8b1ec23c2e0ef8408439446de1efff04f4e3fee55d

Signatures

  • Checks BIOS information in registry

    Description

    BIOS information is often read in order to detect sandboxing environments.

    TTPs

    Query Registry, System Information Discovery
  • Writes to the Master Boot Record (MBR)

    Description

    Bootkits write to the MBR to gain persistence at a level below the operating system.

    TTPs

    Bootkit

MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation

Tasks

static1

Score
N/A

behavioral1

Score
7/10

behavioral2

Score
7/10