Overview

overview

7

Static

static

Token.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    Token.exe

  • Size

    48KB

  • Sample

    221227-lxcjpsef78

  • MD5

    3a29ed3a81b260c98e98c9c46d8dd2d8

  • SHA1

    9947658c771ec8583288aaa9a6a850d256436b55

  • SHA256

    c793a7a9c12a86ea3d40ee7938fa6add208f72df9f6ba378cd6473afacccf15a

  • SHA512

    de77ae69f370760cfaef7fff533f330a23375f7cccb327b3147203cde4508534c25b600120fb213035e53cc792c044b132e7d290e3de692570e7dad98f37256f

  • SSDEEP

    768:+e128jKMyqDAfFfknDM/E56s39GS1Q62cjW3HSumDTn/QpCSmO4e+vunNA+r:+wQGmA9R1QbcjW3yum/nOiOEunNA+r

Score
7/10
bootkitpersistence

Malware Config

Targets

    • Target

      Token.exe

    • Size

      48KB

    • MD5

      3a29ed3a81b260c98e98c9c46d8dd2d8

    • SHA1

      9947658c771ec8583288aaa9a6a850d256436b55

    • SHA256

      c793a7a9c12a86ea3d40ee7938fa6add208f72df9f6ba378cd6473afacccf15a

    • SHA512

      de77ae69f370760cfaef7fff533f330a23375f7cccb327b3147203cde4508534c25b600120fb213035e53cc792c044b132e7d290e3de692570e7dad98f37256f

    • SSDEEP

      768:+e128jKMyqDAfFfknDM/E56s39GS1Q62cjW3HSumDTn/QpCSmO4e+vunNA+r:+wQGmA9R1QbcjW3yum/nOiOEunNA+r

    Score
    7/10
    bootkitpersistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1

MITRE ATT&CK Enterprise v6

Tasks