3a17996a498ab90b5baf5c8c73abd2e34200eb469c797041af386032829885f7 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

kaspersky4...46.exe

windows10-2004-x64

8

Sharing

General

Target

kaspersky4win202121.9.6.465es_37946.exe
Size

3.8MB
Sample

230315-gbzpwsbg46
MD5

f382cad2677e3cc441f96e43400bbf69
SHA1

3389126c4bc882f06134e2176da3995cedf5e14c
SHA256

3a17996a498ab90b5baf5c8c73abd2e34200eb469c797041af386032829885f7
SHA512

f7fcbe3337b1c0b038b4e3ec372d1fdaa585ed8c63023a48c6c2e05b12424dcb03a921db9e792c978d4daee96499d1514ee9f8d5e8b55d6211c33f5a98cdb796
SSDEEP

98304:rQFKOozJ9QennbKgb/LcPOc/KmCPOHxFvSeVEQaJU7pByrcGw:uozfQenzbDcGc2mfJtm

Score

8^/10

bootkit evasion persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

kaspersky4win202121.9.6.465es_37946.exe

Resource

win10v2004-20230221-es

bootkit evasion persistence trojan

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  kaspersky4win202121.9.6.465es_37946.exe
- Size
  
  3.8MB
- MD5
  
  f382cad2677e3cc441f96e43400bbf69
- SHA1
  
  3389126c4bc882f06134e2176da3995cedf5e14c
- SHA256
  
  3a17996a498ab90b5baf5c8c73abd2e34200eb469c797041af386032829885f7
- SHA512
  
  f7fcbe3337b1c0b038b4e3ec372d1fdaa585ed8c63023a48c6c2e05b12424dcb03a921db9e792c978d4daee96499d1514ee9f8d5e8b55d6211c33f5a98cdb796
- SSDEEP
  
  98304:rQFKOozJ9QennbKgb/LcPOc/KmCPOHxFvSeVEQaJU7pByrcGw:uozfQenzbDcGc2mfJtm
Score

8^/10

bootkit evasion persistence trojan
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Checks for any installed AV software in registry
- Checks whether UAC is enabled
  evasion trojan
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Security Software Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

bootkitevasionpersistencetrojan

© 2018-2024

Terms | Privacy