5dae96f32aad5ee274c239b4f328dbe56419487561e00daeb80d5ed6823128ad | Triage

Submit
Reports

Overview

overview

8

Static

static

5dae96f32a...ad.exe

windows7-x64

8

5dae96f32a...ad.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

5dae96f32aad5ee274c239b4f328dbe56419487561e00daeb80d5ed6823128ad
Size

390KB
Sample

221029-2j4zssafhq
MD5

843f67e61f8ea070440d68f0aa0b25b0
SHA1

e3c806672122cf987652336ade843b8447301963
SHA256

5dae96f32aad5ee274c239b4f328dbe56419487561e00daeb80d5ed6823128ad
SHA512

051f6f7c5e39ac906e3b6587f84b15366cfef4c77adc5a1306b9fe60bc11068f5bda27d119fdc673dc61d3d8ea3f37b66e80e2ef3f7b109ffef3af6c09f09acc
SSDEEP

6144:Up7qndEXlBdJWFzCskkY+fA6gn375qt+XCX4z898gWNlPTGQQm6agrdv:U5idE1YCskkCn37cts+CnNtTirdv

Score

8^/10

bootkit persistence upx

Static task

static1

Behavioral task

behavioral1

Sample

5dae96f32aad5ee274c239b4f328dbe56419487561e00daeb80d5ed6823128ad.exe

Resource

win7-20220812-en

bootkit persistence upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

5dae96f32aad5ee274c239b4f328dbe56419487561e00daeb80d5ed6823128ad.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  5dae96f32aad5ee274c239b4f328dbe56419487561e00daeb80d5ed6823128ad
- Size
  
  390KB
- MD5
  
  843f67e61f8ea070440d68f0aa0b25b0
- SHA1
  
  e3c806672122cf987652336ade843b8447301963
- SHA256
  
  5dae96f32aad5ee274c239b4f328dbe56419487561e00daeb80d5ed6823128ad
- SHA512
  
  051f6f7c5e39ac906e3b6587f84b15366cfef4c77adc5a1306b9fe60bc11068f5bda27d119fdc673dc61d3d8ea3f37b66e80e2ef3f7b109ffef3af6c09f09acc
- SSDEEP
  
  6144:Up7qndEXlBdJWFzCskkY+fA6gn375qt+XCX4z898gWNlPTGQQm6agrdv:U5idE1YCskkCn37cts+CnNtTirdv
Score

8^/10

bootkit persistence upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistenceupx

behavioral2

© 2018-2025

Terms | Privacy