85267503850ba33babd9f62dd7810f7d4484d1c780e67d262942789b9e928632 | Triage

Submit
Reports

Overview

overview

8

Static

static

tmp.exe

windows7_x64

8

tmp.exe

windows10-2004_x64

8

Sharing

General

Target

tmp
Size

4.4MB
Sample

220521-rww5lschep
MD5

f5bc0cf4ce546079338e3c6cc22a7738
SHA1

cb327d83fd96b4fd0153cd4d9efd28e83afac754
SHA256

85267503850ba33babd9f62dd7810f7d4484d1c780e67d262942789b9e928632
SHA512

d02ae5fd3075bcb7585f01348e883d9332d39fb543efbad1aeaff089d28c50d0c4444d41ebf013719058554babd82af5e010211788e5f50370ae99baa3f580a3

Score

8^/10

bootkit persistence

Static task

static1

Behavioral task

behavioral1

Sample

tmp.exe

Resource

win7-20220414-en

bootkit persistence

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

tmp.exe

Resource

win10v2004-20220414-en

bootkit persistence

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  tmp
- Size
  
  4.4MB
- MD5
  
  f5bc0cf4ce546079338e3c6cc22a7738
- SHA1
  
  cb327d83fd96b4fd0153cd4d9efd28e83afac754
- SHA256
  
  85267503850ba33babd9f62dd7810f7d4484d1c780e67d262942789b9e928632
- SHA512
  
  d02ae5fd3075bcb7585f01348e883d9332d39fb543efbad1aeaff089d28c50d0c4444d41ebf013719058554babd82af5e010211788e5f50370ae99baa3f580a3
Score

8^/10

bootkit persistence
- Executes dropped EXE
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence

© 2018-2024

Terms | Privacy