Overview

overview

6

Static

static

b6d4d85540...e2.dll

windows7-x64

6

b6d4d85540...e2.dll

windows10-2004-x64

5

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b6d4d85540bf70ac43b05ed94efc8f021d07526a56543f06dae986337e3d84e2

  • Size

    864KB

  • Sample

    221203-hkfh2sgd9y

  • MD5

    aee9d12ec17e9fc250cfb56f9a530e36

  • SHA1

    509405a33897700ee9d294c92397b352288ab342

  • SHA256

    b6d4d85540bf70ac43b05ed94efc8f021d07526a56543f06dae986337e3d84e2

  • SHA512

    4b75e0bf47e41b984bba62259e770e54963c141c71bfcc6a0bbc36068a37fadcef9c9d5177192dd544e060440fa51eb532780e4850d57aedce98764a64c96d46

  • SSDEEP

    24576:SMkuNMkBhiyJRwQnN2K3yWds0JkKyVx+HNrUQRqM8:rkuNMkTialcadsLz+tgQM

Score
6/10
bootkitpersistence

Malware Config

Targets

    • Target

      b6d4d85540bf70ac43b05ed94efc8f021d07526a56543f06dae986337e3d84e2

    • Size

      864KB

    • MD5

      aee9d12ec17e9fc250cfb56f9a530e36

    • SHA1

      509405a33897700ee9d294c92397b352288ab342

    • SHA256

      b6d4d85540bf70ac43b05ed94efc8f021d07526a56543f06dae986337e3d84e2

    • SHA512

      4b75e0bf47e41b984bba62259e770e54963c141c71bfcc6a0bbc36068a37fadcef9c9d5177192dd544e060440fa51eb532780e4850d57aedce98764a64c96d46

    • SSDEEP

      24576:SMkuNMkBhiyJRwQnN2K3yWds0JkKyVx+HNrUQRqM8:rkuNMkTialcadsLz+tgQM

    Score
    6/10
    bootkitpersistence

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

1
T1067

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks