Overview

overview

6

Static

static

3102bda0d4...7e.exe

windows7-x64

6

3102bda0d4...7e.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3102bda0d4ab26577068e2d800d2334e28995e917b6b906bfec7d58704918d7e

  • Size

    210KB

  • Sample

    221002-2eg98sddd2

  • MD5

    02ca32931f38955fe7965a6c0486c2a0

  • SHA1

    776ac4d8fdf33c32625ddcd0218d94cdadcfd25d

  • SHA256

    3102bda0d4ab26577068e2d800d2334e28995e917b6b906bfec7d58704918d7e

  • SHA512

    a976f8200fffd455d08c8ee985ae0fc9a9d58a09749ed03b6f99efb5c57a5fa6fd36dc86e02d6c21c347b1997c243dea4ab983e3db13e542cc4039f3cff2574b

  • SSDEEP

    6144:Pd6VSTMCuhooHyJH5dPMGuMnuqKM9/rrp:oV2hz8GuMnuqx5

Score
6/10
bootkitpersistence

Malware Config

Targets

    • Target

      3102bda0d4ab26577068e2d800d2334e28995e917b6b906bfec7d58704918d7e

    • Size

      210KB

    • MD5

      02ca32931f38955fe7965a6c0486c2a0

    • SHA1

      776ac4d8fdf33c32625ddcd0218d94cdadcfd25d

    • SHA256

      3102bda0d4ab26577068e2d800d2334e28995e917b6b906bfec7d58704918d7e

    • SHA512

      a976f8200fffd455d08c8ee985ae0fc9a9d58a09749ed03b6f99efb5c57a5fa6fd36dc86e02d6c21c347b1997c243dea4ab983e3db13e542cc4039f3cff2574b

    • SSDEEP

      6144:Pd6VSTMCuhooHyJH5dPMGuMnuqKM9/rrp:oV2hz8GuMnuqx5

    Score
    6/10
    bootkitpersistence

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

1
T1067

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks