Overview

overview

8

Static

static

d6b06fa804...d9.exe

windows7-x64

d6b06fa804...d9.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d6b06fa804cd7cf54ec18ab4eac689eb17c44c5a1f3bedf906c7a9e89b3a02d9

  • Size

    10KB

  • Sample

    221124-kgkppsee8s

  • MD5

    6a45b1b99472199f8ba3b07547fce7f5

  • SHA1

    ce68084f7fc3c27dcf6916ee7bfc14a1e03c34ff

  • SHA256

    d6b06fa804cd7cf54ec18ab4eac689eb17c44c5a1f3bedf906c7a9e89b3a02d9

  • SHA512

    3ee03cd46b8838c7ad90f054e29f527b5236299758d419cb2a611ecde449fd86fcf8f603b891ececad6a596055252e9335e8fde04ea06d8622ed6ad664012751

  • SSDEEP

    96:ylNrqC4RquUqCLm8ClTckBcf0hKMqizUWkQHvCqw:6rqvqucLm8CrcchKMqi+QPCqw

Score
8/10
bootkitpersistence

Malware Config

Targets

    • Target

      d6b06fa804cd7cf54ec18ab4eac689eb17c44c5a1f3bedf906c7a9e89b3a02d9

    • Size

      10KB

    • MD5

      6a45b1b99472199f8ba3b07547fce7f5

    • SHA1

      ce68084f7fc3c27dcf6916ee7bfc14a1e03c34ff

    • SHA256

      d6b06fa804cd7cf54ec18ab4eac689eb17c44c5a1f3bedf906c7a9e89b3a02d9

    • SHA512

      3ee03cd46b8838c7ad90f054e29f527b5236299758d419cb2a611ecde449fd86fcf8f603b891ececad6a596055252e9335e8fde04ea06d8622ed6ad664012751

    • SSDEEP

      96:ylNrqC4RquUqCLm8ClTckBcf0hKMqizUWkQHvCqw:6rqvqucLm8CrcchKMqi+QPCqw

    Score
    8/10
    bootkitpersistence

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks