Overview

overview

6

Static

static

1

eefa052da0...06.exe

windows7-x64

6

eefa052da0...06.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Trojan.Ransom.zip.zip

  • Size

    182KB

  • Sample

    230323-mm7sjafa72

  • MD5

    d3d6cca226379805ebfcd44e52d2d807

  • SHA1

    ecab01b831c27df2414e991c5330be2012a1967a

  • SHA256

    4590c9621a43cc87ef9ae30c139c4b647eeade64a000774bec2f56836ab807c6

  • SHA512

    771dab7b0e7471c9f233ddbd475c732b42d68bd8871487fe91986aa8f1694f304c0b4da6381f9f6e0ac60b9b2b6c2736f9bdd56b22abae97c2a88acafbf058f2

  • SSDEEP

    3072:6inHOMcUlN/Vxc3VlYeAJNVOlDPa6I+SeSEh8DVIxHVXhpizOPdjT:6aH/Gl2JNwPa/+2qGIJ17iSPtT

Score
6/10
bootkitpersistence

Malware Config

Targets

    • Target

      eefa052da01c3faa1d1f516ddfefa8ceb8a5185bb9b5368142ffdf839aea4506

    • Size

      328KB

    • MD5

      8ed9a60127aee45336102bf12059a850

    • SHA1

      b649b9bc9436d373fd09a89ed71840aa7ac5ec54

    • SHA256

      eefa052da01c3faa1d1f516ddfefa8ceb8a5185bb9b5368142ffdf839aea4506

    • SHA512

      95a0d62f02b29a48b1988cba6610b6410327f52ef918fd83fe2565d3767ab202d2a9aef6bcf47234c7c7200c49b71b80cd0430a7b6e55885f7a4b54a69e0dc2e

    • SSDEEP

      6144:wDeUVJuo0tl4VJLofrFD68Y7LE8DO11bEVUNNa:IuFl4VJ4D68YUQO1tEV

    Score
    6/10
    bootkitpersistence

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

1
T1067

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks