Overview

overview

8

Static

static

d408f2f525...e9.exe

windows7_x64

8

d408f2f525...e9.exe

windows10-2004_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d408f2f525ee6f6d3fa314dff7843596c07d632a72717a1c51cef87a7cafd7e9

  • Size

    956KB

  • Sample

    220524-dpafdaghhn

  • MD5

    aa582093578a4d7aef4cac3026fad91a

  • SHA1

    a4a18950f47a92ae42b226501f240da17e20a5df

  • SHA256

    d408f2f525ee6f6d3fa314dff7843596c07d632a72717a1c51cef87a7cafd7e9

  • SHA512

    92c737ec587eead9e4bb444f8686331b3bc1454388e1dcc63067d118a7097ba04af2115f2e0a8ee5c147062af8eeed60933cbb77ec9b2f6cbf1f1853402a98f6

Score
8/10
bootkitpersistenceupx

Malware Config

Targets

    • Target

      d408f2f525ee6f6d3fa314dff7843596c07d632a72717a1c51cef87a7cafd7e9

    • Size

      956KB

    • MD5

      aa582093578a4d7aef4cac3026fad91a

    • SHA1

      a4a18950f47a92ae42b226501f240da17e20a5df

    • SHA256

      d408f2f525ee6f6d3fa314dff7843596c07d632a72717a1c51cef87a7cafd7e9

    • SHA512

      92c737ec587eead9e4bb444f8686331b3bc1454388e1dcc63067d118a7097ba04af2115f2e0a8ee5c147062af8eeed60933cbb77ec9b2f6cbf1f1853402a98f6

    Score
    8/10
    bootkitpersistenceupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

1
T1067

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks