5825312c6629f85d095b46a00aa8d4415516881752a5703d8f7039fae542b532 | Triage

Sharing

General

Target

5825312c6629f85d095b46a00aa8d4415516881752a5703d8f7039fae542b532
Size

701KB
Sample

221125-1zxpzsdc3x
MD5

10976e50ab1a4a44c0b5750c0c61c16b
SHA1

8e5ca4a20cb1e510eabe1174172fd1253afe7758
SHA256

5825312c6629f85d095b46a00aa8d4415516881752a5703d8f7039fae542b532
SHA512

18d533029f16d5bce49673e1d9911fed3cddbe9df6d7b3b0ef6d160b0d92b740f52f767d195bc5f895fce65d5ac33036d89065bc5d3a683a3b6b2ff5bbad10ec
SSDEEP

12288:ecsjbjAAhT+4r3M3fiE1EKVJjShrPeAwy3vmpkOQ7sIcZM1/VdqNdnEGExZoeqIl:ijZBPr3BEzVJjmioubPlZ+WEpZoICcb

Score

8^/10

bootkit persistence

Malware Config

Targets

- Target
  
  4399洛克王国东哥辅助v6.3/CombineExt.dll
- Size
  
  134KB
- MD5
  
  8271c9a75092ba16b410e2feea582abb
- SHA1
  
  77e3a6cd8688e75e9196409da389424dfb390827
- SHA256
  
  2cd1547ec4025bfa98fefbbe11ee1c1458783062dbed230c163b98f1cac1dbf2
- SHA512
  
  bff067631f31e48e4dc6cab42e9f032ad1bb0577e76cb49d2389770ad9aa39b2e0f134dd4974520e1a32ca8e6a3b0815138ff775ebde2abc833fb3f75a50c1aa
- SSDEEP
  
  3072:7cwY+OJPJtNk7SMLtt8/BC9uUXrmPvvFYS5GLq:XWPJT9K8JCuiqPQu
Score

1^/10
behavioral1 behavioral2
- Target
  
  4399洛克王国东哥辅助v6.3/洛克王国.exe
- Size
  
  2.1MB
- MD5
  
  8ab0b7e54c5aa0674a18f16888a306c1
- SHA1
  
  5115484309463172d7dec935b5837b8c21f8d10f
- SHA256
  
  2681f978a4f13d6b1f008a884870c3c31273d342dd1fce101a2f6071af30048a
- SHA512
  
  3c2963b08d386abaef7877a88b81045dfa1646589293e8096c30094d474dd17b8b6a2acbb0e64f0e3433d131d4b6c99489172e0c781da242d0b39fc329b7bad1
- SSDEEP
  
  49152:8huWMIeqinlXyhnqFZKd/vODDDDDDDDDvxr:NVIeLn1yhqzKtODDDDDDDDDvxr
Score

8^/10

bootkit persistence
- Executes dropped EXE
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral3 behavioral4

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

bootkitpersistence

behavioral4

bootkitpersistence