Overview

overview

6

Static

static

871f40cc88...5a.exe

windows7-x64

6

871f40cc88...5a.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    871f40cc88a6f8eb6ceacc1856df83bf9c5e79b981f7c52afc8180b9b963865a

  • Size

    368KB

  • Sample

    221203-gqrmtseb6s

  • MD5

    b52c63c677fc84034406166879375ad1

  • SHA1

    f5474706cfe1bd06e5145a1c54a7112fee28bc00

  • SHA256

    871f40cc88a6f8eb6ceacc1856df83bf9c5e79b981f7c52afc8180b9b963865a

  • SHA512

    fd206ee5e030d9978278d63f676694c583a6ff6d6bfdca41868ffea9d478813bffdb9b9d9b08b66153903355bedb2dea9a1bae01faeea346ff6b72f992e1dbe6

  • SSDEEP

    6144:sCqHx2ZZ0wQJfVGn0ymNpiglUTV10zqDfGHe0XmXwU2770qg3:hk20/Q0VTwozqiHH2gUM7XQ

Score
6/10
bootkitpersistence

Malware Config

Targets

    • Target

      871f40cc88a6f8eb6ceacc1856df83bf9c5e79b981f7c52afc8180b9b963865a

    • Size

      368KB

    • MD5

      b52c63c677fc84034406166879375ad1

    • SHA1

      f5474706cfe1bd06e5145a1c54a7112fee28bc00

    • SHA256

      871f40cc88a6f8eb6ceacc1856df83bf9c5e79b981f7c52afc8180b9b963865a

    • SHA512

      fd206ee5e030d9978278d63f676694c583a6ff6d6bfdca41868ffea9d478813bffdb9b9d9b08b66153903355bedb2dea9a1bae01faeea346ff6b72f992e1dbe6

    • SSDEEP

      6144:sCqHx2ZZ0wQJfVGn0ymNpiglUTV10zqDfGHe0XmXwU2770qg3:hk20/Q0VTwozqiHH2gUM7XQ

    Score
    6/10
    bootkitpersistence

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

1
T1067

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks