3ee9ec2260b8b4e647aa044a5001b316e4f298606fdcb3590a8f0ec94f61f674 | Triage

Submit
Reports

Overview

overview

7

Static

static

1

3ee9ec2260...74.exe

windows7-x64

7

3ee9ec2260...74.exe

windows10-2004-x64

7

Sharing

General

Target

3ee9ec2260b8b4e647aa044a5001b316e4f298606fdcb3590a8f0ec94f61f674
Size

84KB
Sample

221002-2mfrdafcbp
MD5

40b1a103f8b7ef3a395a7ba860cab16d
SHA1

c56493a2938b35b44f9b0ba0bada7ba56b87b4d9
SHA256

3ee9ec2260b8b4e647aa044a5001b316e4f298606fdcb3590a8f0ec94f61f674
SHA512

99475a4779a310a10cf993606906a322bdb71377e37977e32e3bba91f44b34b11045a46b218f5611dbf51829be20de1d734474696c2ad94bc7d8c58e2a95d438
SSDEEP

1536:kpgpHzb9dZVX9fHMvG0D3XJwIKGA61MVt5Rf26G93E6NO1uWFlkqIzjbanys:SgXdZt9P6D3XJwIKQCjROlhOZFl5K2

Score

7^/10

bootkit discovery persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

3ee9ec2260b8b4e647aa044a5001b316e4f298606fdcb3590a8f0ec94f61f674.exe

Resource

win7-20220812-en

bootkit discovery persistence

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

3ee9ec2260b8b4e647aa044a5001b316e4f298606fdcb3590a8f0ec94f61f674.exe

Resource

win10v2004-20220812-en

bootkit discovery persistence

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  3ee9ec2260b8b4e647aa044a5001b316e4f298606fdcb3590a8f0ec94f61f674
- Size
  
  84KB
- MD5
  
  40b1a103f8b7ef3a395a7ba860cab16d
- SHA1
  
  c56493a2938b35b44f9b0ba0bada7ba56b87b4d9
- SHA256
  
  3ee9ec2260b8b4e647aa044a5001b316e4f298606fdcb3590a8f0ec94f61f674
- SHA512
  
  99475a4779a310a10cf993606906a322bdb71377e37977e32e3bba91f44b34b11045a46b218f5611dbf51829be20de1d734474696c2ad94bc7d8c58e2a95d438
- SSDEEP
  
  1536:kpgpHzb9dZVX9fHMvG0D3XJwIKGA61MVt5Rf26G93E6NO1uWFlkqIzjbanys:SgXdZt9P6D3XJwIKQCjROlhOZFl5K2
Score

7^/10

bootkit discovery persistence
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2

bootkitdiscoverypersistence

© 2018-2024

Terms | Privacy