Overview

overview

7

Static

static

cd38de6b64...64.exe

windows7-x64

7

cd38de6b64...64.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cd38de6b64af1aa69f59a13fb918e875001169905572147297f82e7379dfcd64

  • Size

    3.4MB

  • Sample

    220923-hlmnradde5

  • MD5

    9298b9f1f5f435f27dc46ad0a60df92a

  • SHA1

    f33091f8dcdc7dc8deda8f2b5317cbb5fd4a9dfd

  • SHA256

    cd38de6b64af1aa69f59a13fb918e875001169905572147297f82e7379dfcd64

  • SHA512

    28939f9d06700c2954e76aa0945a4b49b7526f0b28d247b8c072b755f2e6e97c98b06fc26184cdc52b1b6b4a1793df2f676efd65243f971d2d5d7c54cac0a04f

  • SSDEEP

    49152:wodMpdZGgwXKq3dL+WeEbaxJAtoJyWD9sjG092AoLtHe5XN5zbsPDBTusUkrGqso:womddzCdVeEeJAtg+T5xrhdi8qZ5

Score
7/10
bootkitpersistence

Malware Config

Targets

    • Target

      cd38de6b64af1aa69f59a13fb918e875001169905572147297f82e7379dfcd64

    • Size

      3.4MB

    • MD5

      9298b9f1f5f435f27dc46ad0a60df92a

    • SHA1

      f33091f8dcdc7dc8deda8f2b5317cbb5fd4a9dfd

    • SHA256

      cd38de6b64af1aa69f59a13fb918e875001169905572147297f82e7379dfcd64

    • SHA512

      28939f9d06700c2954e76aa0945a4b49b7526f0b28d247b8c072b755f2e6e97c98b06fc26184cdc52b1b6b4a1793df2f676efd65243f971d2d5d7c54cac0a04f

    • SSDEEP

      49152:wodMpdZGgwXKq3dL+WeEbaxJAtoJyWD9sjG092AoLtHe5XN5zbsPDBTusUkrGqso:womddzCdVeEeJAtg+T5xrhdi8qZ5

    Score
    7/10
    bootkitpersistence

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

1
T1067

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks