Overview

overview

7

Static

static

018a48a82f...c9.exe

windows7_x64

7

018a48a82f...c9.exe

windows10-2004_x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    018a48a82f6db498a98111a5d4383d601beb34e25bc9fc1119f865a38de485c9

  • Size

    1.9MB

  • Sample

    220523-xxh72afgan

  • MD5

    512721572ba9c81961af2f27c1fe5bf2

  • SHA1

    28e68776af8501ff05d570bb0dfe22a02953eb96

  • SHA256

    018a48a82f6db498a98111a5d4383d601beb34e25bc9fc1119f865a38de485c9

  • SHA512

    3f7fa629d7c467098a14b9932081a61dad68d63692b7b7a297ec88da29bff93ee96cc2d36f63e9204423b241c7edc62ec28d723e83f491446526b972e444f6ca

Score
7/10
bootkitpersistence

Malware Config

Targets

    • Target

      018a48a82f6db498a98111a5d4383d601beb34e25bc9fc1119f865a38de485c9

    • Size

      1.9MB

    • MD5

      512721572ba9c81961af2f27c1fe5bf2

    • SHA1

      28e68776af8501ff05d570bb0dfe22a02953eb96

    • SHA256

      018a48a82f6db498a98111a5d4383d601beb34e25bc9fc1119f865a38de485c9

    • SHA512

      3f7fa629d7c467098a14b9932081a61dad68d63692b7b7a297ec88da29bff93ee96cc2d36f63e9204423b241c7edc62ec28d723e83f491446526b972e444f6ca

    Score
    7/10
    bootkitpersistence

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

1
T1067

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks