da942abec4203cab6b04833f8003f864c22a6b8f1c82172e6686499c1b60dbff | Triage

Submit
Reports

Overview

overview

8

Static

static

8

da942abec4...ff.exe

windows7-x64

8

da942abec4...ff.exe

windows10-2004-x64

8

Sharing

General

Target

da942abec4203cab6b04833f8003f864c22a6b8f1c82172e6686499c1b60dbff
Size

737KB
Sample

221125-l5nxpsdb4v
MD5

16a893c66114c93b6badd988eac721f2
SHA1

0f82b3ede2a7ec35f23bca14327c900d37af36a8
SHA256

da942abec4203cab6b04833f8003f864c22a6b8f1c82172e6686499c1b60dbff
SHA512

00dff36f19635dde1a22fa9d42ad308b263928cbb772bc13bfeecc8d62e7c6a4501798778cc7b030fff69912d6d34420afa3fe8982bbdd35375a00febb27cd39
SSDEEP

12288:UNSpN+CahFL6z7/3gOgGk/a65ptoW9cad/6sdidFBRR1ISGx5X4iYAuT10QVhc/Q:YSqCkFL6n/gyk/aGto38didFnR1xGnoB

Score

8^/10

bootkit persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

da942abec4203cab6b04833f8003f864c22a6b8f1c82172e6686499c1b60dbff.exe

Resource

win7-20220812-en

bootkit persistence upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

da942abec4203cab6b04833f8003f864c22a6b8f1c82172e6686499c1b60dbff.exe

Resource

win10v2004-20220812-en

bootkit persistence upx

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  da942abec4203cab6b04833f8003f864c22a6b8f1c82172e6686499c1b60dbff
- Size
  
  737KB
- MD5
  
  16a893c66114c93b6badd988eac721f2
- SHA1
  
  0f82b3ede2a7ec35f23bca14327c900d37af36a8
- SHA256
  
  da942abec4203cab6b04833f8003f864c22a6b8f1c82172e6686499c1b60dbff
- SHA512
  
  00dff36f19635dde1a22fa9d42ad308b263928cbb772bc13bfeecc8d62e7c6a4501798778cc7b030fff69912d6d34420afa3fe8982bbdd35375a00febb27cd39
- SSDEEP
  
  12288:UNSpN+CahFL6z7/3gOgGk/a65ptoW9cad/6sdidFBRR1ISGx5X4iYAuT10QVhc/Q:YSqCkFL6n/gyk/aGto38didFnR1xGnoB
Score

8^/10

bootkit persistence upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

bootkitpersistenceupx

behavioral2

bootkitpersistenceupx

© 2018-2024

Terms | Privacy