fc798d99a0835af6b475658d274a96fc09b25fe26f91e165baa20dfab712b157 | Triage

Submit
Reports

Overview

overview

8

Static

static

fc798d99a0...57.exe

windows7-x64

8

fc798d99a0...57.exe

windows10-2004-x64

8

Sharing

General

Target

fc798d99a0835af6b475658d274a96fc09b25fe26f91e165baa20dfab712b157
Size

13.7MB
Sample

221220-ya2ljaag94
MD5

81fad0e98458e30eef4f0f5048b9ea02
SHA1

f9bc75be44e9cb1b32a13dfbbf690ce1b3db8574
SHA256

fc798d99a0835af6b475658d274a96fc09b25fe26f91e165baa20dfab712b157
SHA512

eb1fb133a6d52310015c90cfb98a7c9afd282c6d12dc58d0fff811fec208f8ba9c1361f4b800f9620790fec3ab24a95dc7e82ae8f971c3a75c6ac03d5fb0794e
SSDEEP

196608:GvsQBZQJTJWQchfrwUERnh2LGuCv9P6LFos0UsMt9FWc8WcG9yyap0/wbETos8AO:lMQRBcNYAqvdmSsUws4L9yL0Gmvh49

Score

8^/10

bootkit persistence upx

Static task

static1

Behavioral task

behavioral1

Sample

fc798d99a0835af6b475658d274a96fc09b25fe26f91e165baa20dfab712b157.exe

Resource

win7-20221111-en

bootkit persistence upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

fc798d99a0835af6b475658d274a96fc09b25fe26f91e165baa20dfab712b157.exe

Resource

win10v2004-20221111-en

bootkit persistence upx

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  fc798d99a0835af6b475658d274a96fc09b25fe26f91e165baa20dfab712b157
- Size
  
  13.7MB
- MD5
  
  81fad0e98458e30eef4f0f5048b9ea02
- SHA1
  
  f9bc75be44e9cb1b32a13dfbbf690ce1b3db8574
- SHA256
  
  fc798d99a0835af6b475658d274a96fc09b25fe26f91e165baa20dfab712b157
- SHA512
  
  eb1fb133a6d52310015c90cfb98a7c9afd282c6d12dc58d0fff811fec208f8ba9c1361f4b800f9620790fec3ab24a95dc7e82ae8f971c3a75c6ac03d5fb0794e
- SSDEEP
  
  196608:GvsQBZQJTJWQchfrwUERnh2LGuCv9P6LFos0UsMt9FWc8WcG9yyap0/wbETos8AO:lMQRBcNYAqvdmSsUws4L9yL0Gmvh49
Score

8^/10

bootkit persistence upx
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistenceupx

behavioral2

bootkitpersistenceupx

© 2018-2025

Terms | Privacy