Overview

overview

9

Static

static

212de2d643...8b.exe

windows7-x64

9

212de2d643...8b.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    212de2d643813b547509af4159e19ed02cd02800efef274f6803322ecf423a8b

  • Size

    1.2MB

  • Sample

    221127-er315shb49

  • MD5

    72b48d0bb2af3bbf82a91e17147e853c

  • SHA1

    cfb5b87b5256c548c03cc3398ffbef833512d872

  • SHA256

    212de2d643813b547509af4159e19ed02cd02800efef274f6803322ecf423a8b

  • SHA512

    65f0ae5266ef547b57c13f7c29eb1762f43a5a415681b2d5f345f0e6d5c3dac994176aa4960cbc50e5a9dfc6c69ff3538f4ce7826535ab1b84016adc4e753d0b

  • SSDEEP

    24576:crtqZbMxGGw9Huac25iEW91KW2e487GyRGaRgskbY2G3D:UuekutIjWz4TyZJkbY2A

Score
9/10
bootkitpersistenceupx

Malware Config

Targets

    • Target

      212de2d643813b547509af4159e19ed02cd02800efef274f6803322ecf423a8b

    • Size

      1.2MB

    • MD5

      72b48d0bb2af3bbf82a91e17147e853c

    • SHA1

      cfb5b87b5256c548c03cc3398ffbef833512d872

    • SHA256

      212de2d643813b547509af4159e19ed02cd02800efef274f6803322ecf423a8b

    • SHA512

      65f0ae5266ef547b57c13f7c29eb1762f43a5a415681b2d5f345f0e6d5c3dac994176aa4960cbc50e5a9dfc6c69ff3538f4ce7826535ab1b84016adc4e753d0b

    • SSDEEP

      24576:crtqZbMxGGw9Huac25iEW91KW2e487GyRGaRgskbY2G3D:UuekutIjWz4TyZJkbY2A

    Score
    9/10
    bootkitpersistenceupx

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks