Overview

overview

8

Static

static

8

221cbbb460...1a.dll

windows7-x64

8

221cbbb460...1a.dll

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    221cbbb460e56a0da3a319868bcd8cc655aea7c9903a897cdbbed1507caec41a

  • Size

    1.3MB

  • Sample

    221123-za1vnscc99

  • MD5

    77c65616770bccfb5a9a0c77ae5bc263

  • SHA1

    8029b4c149b08ac01e270230ea0885a72c1c5229

  • SHA256

    221cbbb460e56a0da3a319868bcd8cc655aea7c9903a897cdbbed1507caec41a

  • SHA512

    b357ef1b8c6026cb9ac34f998e22e4f738bdcdfbaa036633b25d97ff3eee12db4e6a39ad8752f26a1de1dd30e97ddd17ee84310c8087d75b8e80e2ad0777f2c8

  • SSDEEP

    24576:EZWmSs4phYgGwpDaO9l11Vy3gJu7Hjrmd9KIf1bKLauR:EZiCgnuOL1CgJ/sC1bkau

Score
8/10
bootkitpersistencevmprotect

Malware Config

Targets

    • Target

      221cbbb460e56a0da3a319868bcd8cc655aea7c9903a897cdbbed1507caec41a

    • Size

      1.3MB

    • MD5

      77c65616770bccfb5a9a0c77ae5bc263

    • SHA1

      8029b4c149b08ac01e270230ea0885a72c1c5229

    • SHA256

      221cbbb460e56a0da3a319868bcd8cc655aea7c9903a897cdbbed1507caec41a

    • SHA512

      b357ef1b8c6026cb9ac34f998e22e4f738bdcdfbaa036633b25d97ff3eee12db4e6a39ad8752f26a1de1dd30e97ddd17ee84310c8087d75b8e80e2ad0777f2c8

    • SSDEEP

      24576:EZWmSs4phYgGwpDaO9l11Vy3gJu7Hjrmd9KIf1bKLauR:EZiCgnuOL1CgJ/sC1bkau

    Score
    8/10
    bootkitpersistencevmprotect

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

1
T1067

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks