Overview

overview

8

Static

static

2c7118de75...d6.exe

windows7-x64

8

2c7118de75...d6.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2c7118de75b3bad1d68bb9b25f7870ef4bd3c85fd4eab8e23b0448665a603ad6

  • Size

    1.3MB

  • Sample

    221123-zjezkaga7z

  • MD5

    44dae246ad725aa8f23c61ef708ec517

  • SHA1

    9ab08189aecadcc87f4a6cdef9adb2957c23e67a

  • SHA256

    2c7118de75b3bad1d68bb9b25f7870ef4bd3c85fd4eab8e23b0448665a603ad6

  • SHA512

    e71ea05adf326354b4930ad420618001157b31f2746c471c93794bde1e82628e04b6b32bb14524df38b548c44c42af0a2da1010090c547a7c7ece2af6f3cfb31

  • SSDEEP

    24576:O4F5v9VBj0jW5HrxZX/k4vRJ14ALbLkmta0I5i2HnNaTy/V25SrQDU7:O4n5H/bvjLLUmta0I5bSEbWU7

Score
8/10
bootkitpersistence

Malware Config

Targets

    • Target

      2c7118de75b3bad1d68bb9b25f7870ef4bd3c85fd4eab8e23b0448665a603ad6

    • Size

      1.3MB

    • MD5

      44dae246ad725aa8f23c61ef708ec517

    • SHA1

      9ab08189aecadcc87f4a6cdef9adb2957c23e67a

    • SHA256

      2c7118de75b3bad1d68bb9b25f7870ef4bd3c85fd4eab8e23b0448665a603ad6

    • SHA512

      e71ea05adf326354b4930ad420618001157b31f2746c471c93794bde1e82628e04b6b32bb14524df38b548c44c42af0a2da1010090c547a7c7ece2af6f3cfb31

    • SSDEEP

      24576:O4F5v9VBj0jW5HrxZX/k4vRJ14ALbLkmta0I5i2HnNaTy/V25SrQDU7:O4n5H/bvjLLUmta0I5bSEbWU7

    Score
    8/10
    bootkitpersistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

1
T1067

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks