General

  • Target

    28a14028032e1a356518ead5d135a93e713488c8d7df76170536c2b4142ef0eb

  • Size

    1.9MB

  • Sample

    221205-xcxvpaeg87

  • MD5

    7d3bf29569617b4bb4d80e6146e91cea

  • SHA1

    627ab655102b50cbc37e98365b41f1f3963215f8

  • SHA256

    28a14028032e1a356518ead5d135a93e713488c8d7df76170536c2b4142ef0eb

  • SHA512

    3a0499b4bdae388cfb8c8763e37f57eea47bc2e83f793c1addf1dd196a1e326e8f9b04b29e5e009e4d1b4406f495af02296ae63ef71fd57f45e87f5ed2e876e2

  • SSDEEP

    24576:3LLuzNlKBSuztGiDpQ/DoIh/DXgCUXr1GM2VmAV5wpLWgjmd1eLiWiPsztXAukxY:3/FJJGvor7wRV92NWgad1kiWHkxAH

Targets

    • Target

      28a14028032e1a356518ead5d135a93e713488c8d7df76170536c2b4142ef0eb

    • Size

      1.9MB

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
