Overview

overview

8

Static

static

1

e2bb572311...6d.exe

windows7-x64

8

e2bb572311...6d.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e2bb57231182291052cd1a604a9cd4a63ddc20e8fa47b97f90b8ca685c7c566d

  • Size

    450KB

  • Sample

    221003-n83ldaega8

  • MD5

    62ae4a1b272c8ee6a810d94a45e8ae80

  • SHA1

    3075f605d69781412b9f53d8406309121aa1d99e

  • SHA256

    e2bb57231182291052cd1a604a9cd4a63ddc20e8fa47b97f90b8ca685c7c566d

  • SHA512

    8702cd055ff8a2a40b1905cf19d4a9ddfbd5c89419c341b5f1233f58c2ce152d548e33650c1128a413feb43f6cc19ee531bdfc7f63eb1aec713c2a18ffcbcdc1

  • SSDEEP

    6144:xOPj/BX7MRCgsdng3t/B52PUiL6QybdMFmO7NScqXiJ1H3AGrMbNvy3JRWC3RjDj:6tX7GCgsd0/TqL6QymEO7QE1wYDWC6C

Score
8/10
bootkitpersistence

Malware Config

Targets

    • Target

      e2bb57231182291052cd1a604a9cd4a63ddc20e8fa47b97f90b8ca685c7c566d

    • Size

      450KB

    • MD5

      62ae4a1b272c8ee6a810d94a45e8ae80

    • SHA1

      3075f605d69781412b9f53d8406309121aa1d99e

    • SHA256

      e2bb57231182291052cd1a604a9cd4a63ddc20e8fa47b97f90b8ca685c7c566d

    • SHA512

      8702cd055ff8a2a40b1905cf19d4a9ddfbd5c89419c341b5f1233f58c2ce152d548e33650c1128a413feb43f6cc19ee531bdfc7f63eb1aec713c2a18ffcbcdc1

    • SSDEEP

      6144:xOPj/BX7MRCgsdng3t/B52PUiL6QybdMFmO7NScqXiJ1H3AGrMbNvy3JRWC3RjDj:6tX7GCgsd0/TqL6QymEO7QE1wYDWC6C

    Score
    8/10
    bootkitpersistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

1
T1067

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks