021553bbc2ff7f71725121dbf221d21b734c642d0528dda4a30daa8b5725dbba | Triage

Resubmissions

16/02/2023, 00:06

230216-ad5wcsee2x 7

16/02/2023, 00:01

230216-aa4twsed9y 7

Sharing

Copy URL Twitter E-mail

General

Target

mt5setup.exe
Size

3.2MB
Sample

230216-ad5wcsee2x
MD5

d6bc6802b8685482a3e98e07073b4990
SHA1

bddccd8c24537f45679497f947688fbb1c3d1bec
SHA256

021553bbc2ff7f71725121dbf221d21b734c642d0528dda4a30daa8b5725dbba
SHA512

29594947769496634d1f0308c695718dbb6f5bab03ecbcac0ef25a5dfc51cd17e04aba7708af77b24c73b0ae31e5e2197f7a6e393295210d089e4ecef6a0b0d4
SSDEEP

49152:3Q4kgYgh0Zjq+v0/cTyD7CuDHwb0X3nOpCO4:LkgWq1HQS+kO4

Score

7^/10

bootkit persistence

Malware Config

Targets

- Target
  
  mt5setup.exe
- Size
  
  3.2MB
- MD5
  
  d6bc6802b8685482a3e98e07073b4990
- SHA1
  
  bddccd8c24537f45679497f947688fbb1c3d1bec
- SHA256
  
  021553bbc2ff7f71725121dbf221d21b734c642d0528dda4a30daa8b5725dbba
- SHA512
  
  29594947769496634d1f0308c695718dbb6f5bab03ecbcac0ef25a5dfc51cd17e04aba7708af77b24c73b0ae31e5e2197f7a6e393295210d089e4ecef6a0b0d4
- SSDEEP
  
  49152:3Q4kgYgh0Zjq+v0/cTyD7CuDHwb0X3nOpCO4:LkgWq1HQS+kO4
Score

7^/10

bootkit persistence
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence