857db21d0ca383968700b5397ded7bc1b336209e4464c46e479668f08e067495 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

kaspersky4...46.exe

windows7-x64

8

kaspersky4...46.exe

windows10-2004-x64

7

Sharing

General

Target

kaspersky4win202121.9.6.465es_37946.exe
Size

3.8MB
Sample

230324-26kvfahh88
MD5

6f3653a401e3dfd802d9c69f20c9a8ac
SHA1

db0937b5b5adfc72cb5291f28f08cb234da9d740
SHA256

857db21d0ca383968700b5397ded7bc1b336209e4464c46e479668f08e067495
SHA512

8e5b1fafaf331e3d8bd2ded041a2f9fe5d6542d8be63bb823e05631cd5ebe89d85de1685c11431d01c010c866061b58d7d587cfa28edaf9c83f71091160c0d81
SSDEEP

98304:gQFKOoWJ9QennbKgb/LcPOc/KmCPOHxFvSeVEQaJU7pByrcGw:ToWfQenzbDcGc2mfJtm

Score

8^/10

bootkit evasion persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

kaspersky4win202121.9.6.465es_37946.exe

Resource

win7-20230220-en

bootkit evasion persistence trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

kaspersky4win202121.9.6.465es_37946.exe

Resource

win10v2004-20230220-en

bootkit evasion persistence trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  kaspersky4win202121.9.6.465es_37946.exe
- Size
  
  3.8MB
- MD5
  
  6f3653a401e3dfd802d9c69f20c9a8ac
- SHA1
  
  db0937b5b5adfc72cb5291f28f08cb234da9d740
- SHA256
  
  857db21d0ca383968700b5397ded7bc1b336209e4464c46e479668f08e067495
- SHA512
  
  8e5b1fafaf331e3d8bd2ded041a2f9fe5d6542d8be63bb823e05631cd5ebe89d85de1685c11431d01c010c866061b58d7d587cfa28edaf9c83f71091160c0d81
- SSDEEP
  
  98304:gQFKOoWJ9QennbKgb/LcPOc/KmCPOHxFvSeVEQaJU7pByrcGw:ToWfQenzbDcGc2mfJtm
Score

8^/10

bootkit evasion persistence trojan
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

bootkitevasionpersistencetrojan

behavioral2

bootkitevasionpersistencetrojan

© 2018-2024

Terms | Privacy