General

  • Target

    3e094f8f2c370432812696bc929a32f3d46699fd9579198a89dc3aa8f941894a

  • Size

    472KB

  • Sample

    221124-jl68tsce5t

  • MD5

    034fe5acec238f6d87f821220596e119

  • SHA1

    7b8edfd07d08a557e9e60a2c6ccef531bced67f8

  • SHA256

    3e094f8f2c370432812696bc929a32f3d46699fd9579198a89dc3aa8f941894a

  • SHA512

    8325ce4104548b95c19a058e04474c56df48e74f8f1dc705547bc741f60685171ea37e8c63054a74ed14337f126e4f2defba44ac038ec86a8341d24453313f6e

  • SSDEEP

    6144:a865hKw1lSZrf/NzqBNIupgQKRO9eTm8kq/s40pZwwkKyghNO6ELhFJDOq6JrpNF:a86/UmRKn9Wm3WadFs3Nr2kv

Malware Config

Targets

    • Target

      fujian_yxj.exe

    • Size

      1.2MB

    • MD5

      01cf8f719fe12bb29996c7f30dfeaa00

    • SHA1

      2fc1b2fc9f35ff6dda620c661683609be4e8206c

    • SHA256

      b4ba7556dd679f02be4a2942a2cae0eaf7083abc13e55c47f81b1405d3327d69

    • SHA512

      42b469e832c071d4214fd593b6c785b106fa2fe0ffce305b859a694831cb245ca8fa265f4e1f2b3512415ad612ed3c7ee7b0eb4f719770a4d1ad3e728dc25e7f

    • SSDEEP

      24576:iYH4wSEoFeFcbJNmcY8+ACqAqPH2VmG3D:iYeLNx0qJf2cE

    • ACProtect 1.3x - 1.4x DLL software

      Detects a file using ACProtect software.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v6

Tasks