General

  • Target

    2992f676851f6952a2d320102af62a190efb24a9a9946c1f777f69f389e5afe1

  • Size

    846KB

  • Sample

    221127-t3kq9sbh92

  • MD5

    7cfdc65f4feb349feb8e0024604e1313

  • SHA1

    0acf2ee8a5cfe9d6f1dec5a0aed15bee45746527

  • SHA256

    2992f676851f6952a2d320102af62a190efb24a9a9946c1f777f69f389e5afe1

  • SHA512

    34fa60c4625424658798c056a6a748d33f911895ef1fb4a743e0b9441afb27bb320e2cf38a0d9dac434b9d0eff0fccec5deebf38f1457593a6d708b7fe4ff90d

  • SSDEEP

    24576:yws5IlKswgKNn0bVPi8zPsPy2Hhc+2w2fMQdxN:ydIF+0bM8z0JHu9b/

Score
8/10

Malware Config

Targets

    • Executes dropped EXE

    • Modifies Installed Components in the registry

    • Loads dropped DLL

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Matrix ATT&CK v6

  Tactic           Technique                            Count  ID
  Persistence      Registry Run Keys / Startup Folder   2      T1060
  Persistence      Bootkit                              1      T1067
  Defense Evasion  Modify Registry                      2      T1112
  Discovery        Query Registry                       2      T1012
  Discovery        Peripheral Device Discovery          2      T1120
  Discovery        System Information Discovery         3      T1082

Tasks