Overview

overview

8

Static

static

ce3d0a20eb...86.exe

windows7-x64

8

ce3d0a20eb...86.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    ce3d0a20eb07292858c02bbc09545dfe14b17f9361466a15fcf65273947f0086

  • Size

    747KB

  • Sample

    221204-n5w97abd9s

  • MD5

    25e60ac284100ff75a5037916cf1fc10

  • SHA1

    8c70cb61fc225d22a0ceee2a4fe5096d89fa3975

  • SHA256

    ce3d0a20eb07292858c02bbc09545dfe14b17f9361466a15fcf65273947f0086

  • SHA512

    ea17ea966e6ee1e214cf54e1645c2bb183901c6e7aa028284f4886ae3866cde0900a975907209052a4fa5c60e0779e577f3bc86fd317d74131a87edd3358c8b7

  • SSDEEP

    12288:Aw2vBhyUfYbzx03+0onh6YLli2BzoXBrq9yiqCltXOvXgkkR0Oskn5tHqUMg5:AREUfYbF03+TAYQgcW5qM30cQBu

Score
8/10
bootkitpersistenceupx

Malware Config

Targets

    • Target

      ce3d0a20eb07292858c02bbc09545dfe14b17f9361466a15fcf65273947f0086

    • Size

      747KB

    • MD5

      25e60ac284100ff75a5037916cf1fc10

    • SHA1

      8c70cb61fc225d22a0ceee2a4fe5096d89fa3975

    • SHA256

      ce3d0a20eb07292858c02bbc09545dfe14b17f9361466a15fcf65273947f0086

    • SHA512

      ea17ea966e6ee1e214cf54e1645c2bb183901c6e7aa028284f4886ae3866cde0900a975907209052a4fa5c60e0779e577f3bc86fd317d74131a87edd3358c8b7

    • SSDEEP

      12288:Aw2vBhyUfYbzx03+0onh6YLli2BzoXBrq9yiqCltXOvXgkkR0Oskn5tHqUMg5:AREUfYbF03+TAYQgcW5qM30cQBu

    Score
    8/10
    bootkitpersistenceupx

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks