Overview

overview

6

Static

static

d0ee8ab8ec...eb.exe

windows7-x64

6

d0ee8ab8ec...eb.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d0ee8ab8ec997c1b134bc9516f0bc788bc08a770f5f4d56b4c5bff3fbce55beb

  • Size

    280KB

  • Sample

    221203-gp4k1aea9z

  • MD5

    6189aa9cd597f9a1ff1d4f4197ab16c0

  • SHA1

    7f658224a2e34375469710c6e64b9ad81d6b426f

  • SHA256

    d0ee8ab8ec997c1b134bc9516f0bc788bc08a770f5f4d56b4c5bff3fbce55beb

  • SHA512

    6a1552784e8689768e12571246deff4135341c3242262b24dbdb0364487b35e8df0f43d543e9f1905dca0d9e1696fcc8dc24f10ea629a2992df5cfbcc943dcbf

  • SSDEEP

    6144:iKRS87kW10IVb7LZ72Nmm6Sr00wtKnHQ:f7kQHZ7ommrg0wO

Score
6/10
bootkitpersistence

Malware Config

Targets

    • Target

      d0ee8ab8ec997c1b134bc9516f0bc788bc08a770f5f4d56b4c5bff3fbce55beb

    • Size

      280KB

    • MD5

      6189aa9cd597f9a1ff1d4f4197ab16c0

    • SHA1

      7f658224a2e34375469710c6e64b9ad81d6b426f

    • SHA256

      d0ee8ab8ec997c1b134bc9516f0bc788bc08a770f5f4d56b4c5bff3fbce55beb

    • SHA512

      6a1552784e8689768e12571246deff4135341c3242262b24dbdb0364487b35e8df0f43d543e9f1905dca0d9e1696fcc8dc24f10ea629a2992df5cfbcc943dcbf

    • SSDEEP

      6144:iKRS87kW10IVb7LZ72Nmm6Sr00wtKnHQ:f7kQHZ7ommrg0wO

    Score
    6/10
    bootkitpersistence

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

1
T1067

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks