8907fdf7f7e67da2cdd8fe7c7ca435003deeb75e2e780ff77f4a702ec26d2484 | Triage

Submit
Reports

Overview

overview

8

Static

static

8

8907fdf7f7...84.exe

windows7-x64

8

8907fdf7f7...84.exe

windows10-2004-x64

8

Sharing

General

Target

8907fdf7f7e67da2cdd8fe7c7ca435003deeb75e2e780ff77f4a702ec26d2484
Size

614KB
Sample

221003-ad88sahhbj
MD5

4042240f43c436dbc4d24dfe02a060e0
SHA1

858e10b8447448a20da9bdeabb86b72d340aa5ff
SHA256

8907fdf7f7e67da2cdd8fe7c7ca435003deeb75e2e780ff77f4a702ec26d2484
SHA512

39489f20b58156435f9dbd17957d14bcb2b48acbae2ead0f9d87feb8156b4a4e9e57c5345c6f7f83b113831996c38b867336b56e78215ccfd2c038718e7056ca
SSDEEP

12288:Bfi3cKVKgTo3CPxvkS/z5jk/uZcz/ZlDka1B5Jm:li3jVdTo3Ide4czjkw5s

Score

8^/10

bootkit persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

8907fdf7f7e67da2cdd8fe7c7ca435003deeb75e2e780ff77f4a702ec26d2484.exe

Resource

win7-20220812-en

bootkit persistence upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

8907fdf7f7e67da2cdd8fe7c7ca435003deeb75e2e780ff77f4a702ec26d2484.exe

Resource

win10v2004-20220812-en

bootkit persistence upx

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  8907fdf7f7e67da2cdd8fe7c7ca435003deeb75e2e780ff77f4a702ec26d2484
- Size
  
  614KB
- MD5
  
  4042240f43c436dbc4d24dfe02a060e0
- SHA1
  
  858e10b8447448a20da9bdeabb86b72d340aa5ff
- SHA256
  
  8907fdf7f7e67da2cdd8fe7c7ca435003deeb75e2e780ff77f4a702ec26d2484
- SHA512
  
  39489f20b58156435f9dbd17957d14bcb2b48acbae2ead0f9d87feb8156b4a4e9e57c5345c6f7f83b113831996c38b867336b56e78215ccfd2c038718e7056ca
- SSDEEP
  
  12288:Bfi3cKVKgTo3CPxvkS/z5jk/uZcz/ZlDka1B5Jm:li3jVdTo3Ide4czjkw5s
Score

8^/10

bootkit persistence upx
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

bootkitpersistenceupx

behavioral2

bootkitpersistenceupx

© 2018-2024

Terms | Privacy