General

  • Target

    kaspersky4win202121.9.6.465es_37904.exe

  • Size

    3.8MB

  • Sample

    230316-n9dnmsch8y

  • MD5

    75f466f96be7808f43453649abd5989a

  • SHA1

    16af0d80fd0f34eeb3953ac8b3b7f9d0ee7826a7

  • SHA256

    418f546f9313b9c82018bc02e75e7656bbac7c837b83b1d932865250fe249eeb

  • SHA512

    6fe1f38174c34609af2f91aa1f1aa81a586adb6b2c30b7de6f333ef3f82484f9b485ffc281eb536d3e34726ab68ea3c3191fe5967fd6e62664252f937c8b4394

  • SSDEEP

    98304:cQFKOo5J9QennbKgb/iHQ2zFoepucP4Ls+6uUmd5KaJjL8U7VByrcGw:/o5fQenzbz2xoeYtsQddoQjL9Jm

Targets

    • Target

      kaspersky4win202121.9.6.465es_37904.exe

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks whether UAC is enabled

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system. The signature is behavioural: it fires on a raw write to sector 0 of the physical disk, which disk utilities and some legitimate security products also perform, so the written bytes (boot code vs. partition table) should be examined before treating the hit as a bootkit.
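The "Writes to the Master Boot Record" signature only tells you that sector 0 was written, not what changed. A practical follow-up is to snapshot the first sector of the analysis disk before detonation and diff it afterwards. The script below is an added example, not part of the sandbox report or of the analysed installer: on a Windows analysis VM the sector would be read with `open(r"\\.\PhysicalDrive0", "rb").read(512)` (administrator required); here a clean sector and a "post-detonation" sector are constructed inline so it runs offline.

```python
"""Baseline-and-diff check for the "Writes to the Master Boot Record" behaviour.

Added example, not code from the sandbox report. The two 512-byte sectors are
constructed below; on a real analysis VM they come from r"\\.\PhysicalDrive0".
"""
import hashlib
import struct

SECTOR = 512
BOOT_CODE_LEN = 440          # classic MBR: boot code occupies bytes 0..439
DISK_SIG_OFF = 440           # 4-byte NT disk signature, then 2 reserved bytes
PART_TABLE_OFF = 446         # four 16-byte partition entries
BOOT_SIG = b"\x55\xaa"       # bytes 510..511


def parse_mbr(sector: bytes) -> dict:
    """Split a raw sector into the fields a bootkit is likely to touch."""
    if len(sector) != SECTOR:
        raise ValueError("MBR must be exactly 512 bytes")
    if sector[510:512] != BOOT_SIG:
        raise ValueError("missing 0x55AA boot signature")
    parts = []
    for i in range(4):
        entry = sector[PART_TABLE_OFF + 16 * i: PART_TABLE_OFF + 16 * (i + 1)]
        # status, CHS start (skipped), type, CHS end (skipped), LBA start, sector count
        status, ptype, lba_start, sectors = struct.unpack("<B3xB3xII", entry)
        if ptype != 0:
            parts.append({"index": i, "bootable": status == 0x80, "type": ptype,
                          "lba_start": lba_start, "sectors": sectors})
    return {
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
        "disk_signature": sector[DISK_SIG_OFF:DISK_SIG_OFF + 4].hex(),
        "partitions": parts,
    }


def diff_mbr(before: bytes, after: bytes) -> list:
    """Return human-readable differences between two sector snapshots."""
    b, a = parse_mbr(before), parse_mbr(after)
    changes = []
    if b["boot_code_sha256"] != a["boot_code_sha256"]:
        changes.append("boot code modified")
    if b["disk_signature"] != a["disk_signature"]:
        changes.append("disk signature modified")
    if b["partitions"] != a["partitions"]:
        changes.append("partition table modified")
    return changes


def build_sector(boot_code: bytes, partition_entry: bytes) -> bytes:
    """Assemble a constructed MBR for the demo (not a real disk image)."""
    body = boot_code.ljust(BOOT_CODE_LEN, b"\x00")
    body += b"\x11\x22\x33\x44" + b"\x00\x00"        # disk signature + reserved
    body += partition_entry + b"\x00" * 48           # one used entry, three empty
    return body + BOOT_SIG


# Constructed sample: one bootable NTFS (type 0x07) partition starting at LBA 2048.
CLEAN_ENTRY = struct.pack("<B3xB3xII", 0x80, 0x07, 2048, 204800)
# Opening instructions of a stock Windows MBR (xor ax,ax / mov ss,ax / mov sp,7C00 ...).
CLEAN_BOOT = bytes.fromhex("33c08ed0bc007c8ec08ed8")

BEFORE = build_sector(CLEAN_BOOT, CLEAN_ENTRY)
# "After detonation": boot code replaced, partition table untouched, which is the
# usual bootkit footprint (the replaced code chain-loads the original later).
AFTER = build_sector(b"\xeb\xfe" + b"\x90" * 20, CLEAN_ENTRY)

if __name__ == "__main__":
    print(parse_mbr(BEFORE))
    print(diff_mbr(BEFORE, AFTER))  # ['boot code modified']
```

A partition-table change with untouched boot code usually points at a disk or setup tool rather than a bootkit; a changed boot code hash with the same partition table is the case worth pulling the 440 bytes for disassembly.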

MITRE ATT&CK Matrix (ATT&CK v6)

  Tactic / Technique / ID / signature hits

  • Persistence

      Bootkit / T1067 / 1

  • Defense Evasion

      Install Root Certificate / T1130 / 1

      Modify Registry / T1112 / 1

  • Discovery

      System Information Discovery / T1082 / 4

      Query Registry / T1012 / 1

  The IDs are from ATT&CK v6; later versions fold Bootkit into T1542.003 and Install Root Certificate into T1553.004, so map them before pivoting into a current-version knowledge base.
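The matrix above is produced by mapping each behavioural signature onto technique IDs and counting hits per technique. As an added illustration, not the sandbox's own rule set, the script below runs three of the report's signatures over a constructed API trace and tallies the ATT&CK v6 IDs. The trace format (one dict per monitored call), the detector logic and the assignment of "Checks whether UAC is enabled" to T1012 and T1082 are assumptions made here; the report lists the IDs but not which signature contributed to which.

```python
"""Behavioural signatures -> ATT&CK v6 technique tally.

Added example, not the sandbox's rules. TRACE is a constructed API trace and the
signature-to-technique mapping is an assumption consistent with the report's matrix.
"""
from collections import Counter

# Constructed trace of what a monitor might record for an installer-like sample.
TRACE = [
    {"api": "RegOpenKeyExW",
     "key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System"},
    {"api": "RegQueryValueExW",
     "key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System",
     "value": "EnableLUA"},
    {"api": "CreateFileW", "path": r"C:\Users\Admin\AppData\Local\Temp\setup.exe",
     "access": "GENERIC_WRITE"},
    {"api": "WriteFile", "path": r"C:\Users\Admin\AppData\Local\Temp\setup.exe",
     "head": b"MZ"},
    {"api": "CreateProcessW", "path": r"C:\Users\Admin\AppData\Local\Temp\setup.exe"},
    {"api": "CreateFileW", "path": r"\\.\PhysicalDrive0", "access": "GENERIC_WRITE"},
    {"api": "WriteFile", "path": r"\\.\PhysicalDrive0", "offset": 0, "length": 512},
    {"api": "RegQueryValueExW",
     "key": r"HKLM\SYSTEM\CurrentControlSet\Control\ComputerName\ComputerName",
     "value": "ComputerName"},
]


def sig_uac_check(trace):
    # "Checks whether UAC is enabled": reads EnableLUA under ...\Policies\System.
    return any(
        c["api"].startswith("RegQueryValueEx")
        and c.get("value", "").lower() == "enablelua"
        and c.get("key", "").lower().endswith(r"policies\system")
        for c in trace
    )


def sig_mbr_write(trace):
    # "Writes to the Master Boot Record": raw write at offset 0 of a physical drive.
    return any(
        c["api"] == "WriteFile"
        and c.get("path", "").lower().startswith(r"\\.\physicaldrive")
        and c.get("offset") == 0
        for c in trace
    )


def sig_executes_dropped(trace):
    # "Executes dropped EXE": a file this process wrote with an MZ header is later launched.
    dropped = {c["path"].lower() for c in trace
               if c["api"] == "WriteFile" and c.get("head") == b"MZ"}
    return any(c["api"].startswith("CreateProcess") and c.get("path", "").lower() in dropped
               for c in trace)


SIGNATURES = [
    # (name as shown in the report, detector, assumed ATT&CK v6 technique IDs)
    ("Checks whether UAC is enabled", sig_uac_check, ["T1012", "T1082"]),
    ("Writes to the Master Boot Record (MBR)", sig_mbr_write, ["T1067"]),
    ("Executes dropped EXE", sig_executes_dropped, []),   # no matrix entry in the report
]


def run_signatures(trace):
    """Names of the signatures that fire on this trace, in rule order."""
    return [name for name, detector, _ in SIGNATURES if detector(trace)]


def attack_matrix(trace):
    """Technique ID -> number of firing signatures mapped to it (the matrix badge)."""
    counts = Counter()
    for _, detector, techniques in SIGNATURES:
        if detector(trace):
            counts.update(techniques)
    return dict(counts)


if __name__ == "__main__":
    for name in run_signatures(TRACE):
        print("hit:", name)
    print(attack_matrix(TRACE))  # {'T1012': 1, 'T1082': 1, 'T1067': 1}
```

The count next to a technique in a sandbox matrix is therefore a signature count, not a severity score: four hits on T1082 mean four separate discovery checks fired, which installers routinely do, whereas a single T1067 hit is the one that needs a look at the written sector.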

Tasks