Overview

overview

9

Static

static

a1ce4f0788...0c.exe

windows7-x64

9

a1ce4f0788...0c.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a1ce4f0788eefb8e02dee3dd6c33d324fdc97f5e552b2397d5849a2f500ba80c

  • Size

    7.5MB

  • Sample

    221124-lwg3sseh96

  • MD5

    4a0766f42d528e507f6ea48555a07d0d

  • SHA1

    cb6857fff98952495f212eece98a9e3dc190bf3b

  • SHA256

    a1ce4f0788eefb8e02dee3dd6c33d324fdc97f5e552b2397d5849a2f500ba80c

  • SHA512

    fda37ab168feaeb8e9b4e50737bcf99bd3fb794037dbe259115df467dccb685a808fe7e3dd59c9b57be867205d891d44259e05ee8e8452ab005287f11cfee706

  • SSDEEP

    196608:frg5GjqMEnMgvs/s7veVyzXgPgh8N7ZQSX6UpgDdDOZ/y:c5JMUMgveszeVwQkc9zmdyg

Score
9/10
bootkitpersistence

Malware Config

Targets

    • Target

      a1ce4f0788eefb8e02dee3dd6c33d324fdc97f5e552b2397d5849a2f500ba80c

    • Size

      7.5MB

    • MD5

      4a0766f42d528e507f6ea48555a07d0d

    • SHA1

      cb6857fff98952495f212eece98a9e3dc190bf3b

    • SHA256

      a1ce4f0788eefb8e02dee3dd6c33d324fdc97f5e552b2397d5849a2f500ba80c

    • SHA512

      fda37ab168feaeb8e9b4e50737bcf99bd3fb794037dbe259115df467dccb685a808fe7e3dd59c9b57be867205d891d44259e05ee8e8452ab005287f11cfee706

    • SSDEEP

      196608:frg5GjqMEnMgvs/s7veVyzXgPgh8N7ZQSX6UpgDdDOZ/y:c5JMUMgveszeVwQkc9zmdyg

    Score
    9/10
    bootkitpersistence

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

1
T1067

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks