07038fdbefef7eae8b2f2f11bc151c9f0981c51ed3a2ce132fe978f219c08060 | Triage

Submit
Reports

Overview

overview

8

Static

static

07038fdbef...60.exe

windows7-x64

6

07038fdbef...60.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

07038fdbefef7eae8b2f2f11bc151c9f0981c51ed3a2ce132fe978f219c08060
Size

829KB
Sample

221205-tgye8shc8x
MD5

455a685d226293eba3cccfd763897910
SHA1

32afa6cbdc16ce965b42ff62bda0939abe782f6c
SHA256

07038fdbefef7eae8b2f2f11bc151c9f0981c51ed3a2ce132fe978f219c08060
SHA512

9f58c6e1155fe66a50521d644258c0b3ddcea48554f5d96d78fd86c9302423a6557403aa0c0437c60cbd3a62afbe480e50256151d0b3a554548b970bb94b3c2a
SSDEEP

12288:ILdf2+WG5OYnqCnTslv0LWMVvIiZOjFFprdehR03jXIsAbRJ5K/huO3g5XYti4oP:IL12+DFqCnYlOVv+jFLheczXAbjyEXV

Score

8^/10

bootkit persistence

Static task

static1

Behavioral task

behavioral1

Sample

07038fdbefef7eae8b2f2f11bc151c9f0981c51ed3a2ce132fe978f219c08060.exe

Resource

win7-20221111-en

bootkit persistence

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

07038fdbefef7eae8b2f2f11bc151c9f0981c51ed3a2ce132fe978f219c08060.exe

Resource

win10v2004-20220901-en

bootkit persistence

windows10-2004-x64

19 signatures

150 seconds

Malware Config

Targets

- Target
  
  07038fdbefef7eae8b2f2f11bc151c9f0981c51ed3a2ce132fe978f219c08060
- Size
  
  829KB
- MD5
  
  455a685d226293eba3cccfd763897910
- SHA1
  
  32afa6cbdc16ce965b42ff62bda0939abe782f6c
- SHA256
  
  07038fdbefef7eae8b2f2f11bc151c9f0981c51ed3a2ce132fe978f219c08060
- SHA512
  
  9f58c6e1155fe66a50521d644258c0b3ddcea48554f5d96d78fd86c9302423a6557403aa0c0437c60cbd3a62afbe480e50256151d0b3a554548b970bb94b3c2a
- SSDEEP
  
  12288:ILdf2+WG5OYnqCnTslv0LWMVvIiZOjFFprdehR03jXIsAbRJ5K/huO3g5XYti4oP:IL12+DFqCnYlOVv+jFLheczXAbjyEXV
Score

8^/10

bootkit persistence
- Modifies Installed Components in the registry
  persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence

© 2018-2025

Terms | Privacy