Overview

overview

9

Static

static

bfd82049a5...45.exe

windows7-x64

9

bfd82049a5...45.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bfd82049a53eea9b291f69f5dc6f7916cd086a146620f3e5aa90c13961089045

  • Size

    428KB

  • Sample

    221003-e7lrsshedn

  • MD5

    6be4aad9c974ad0977f7f100800fcd90

  • SHA1

    4ccd8ad6abe0da1ed9f116a1e427c91a7a7a375d

  • SHA256

    bfd82049a53eea9b291f69f5dc6f7916cd086a146620f3e5aa90c13961089045

  • SHA512

    32b4197e63ebe6ea9420de740228ce5df4790c04846e02119fe3d308e240dc8bfff7c0b52a4179a962f5bddb1aa70b9ef080852950d5ed35e7d3c57d8aa1e82e

  • SSDEEP

    12288:llUEOEoCpBnBtrDX5+YbLbkYlPQFfnfhR1T:lSEOEoCpBnBtf5RLbkYlPunJR1T

Score
9/10
bootkitpersistence

Malware Config

Targets

    • Target

      bfd82049a53eea9b291f69f5dc6f7916cd086a146620f3e5aa90c13961089045

    • Size

      428KB

    • MD5

      6be4aad9c974ad0977f7f100800fcd90

    • SHA1

      4ccd8ad6abe0da1ed9f116a1e427c91a7a7a375d

    • SHA256

      bfd82049a53eea9b291f69f5dc6f7916cd086a146620f3e5aa90c13961089045

    • SHA512

      32b4197e63ebe6ea9420de740228ce5df4790c04846e02119fe3d308e240dc8bfff7c0b52a4179a962f5bddb1aa70b9ef080852950d5ed35e7d3c57d8aa1e82e

    • SSDEEP

      12288:llUEOEoCpBnBtrDX5+YbLbkYlPQFfnfhR1T:lSEOEoCpBnBtf5RLbkYlPunJR1T

    Score
    9/10
    bootkitpersistence

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

1
T1067

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks