Overview

overview

7

Static

static

1

07895bdc63...c2.exe

windows7-x64

7

07895bdc63...c2.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    07895bdc63fbeca17c4c2e60885470b60d5c2d12d1905d55c651811e393613c2

  • Size

    2.0MB

  • Sample

    230325-q7d8hach87

  • MD5

    6907cfa5464e6a5913b421825dce7111

  • SHA1

    778d3580e81e7b2bb3a16f17344c58a27fead198

  • SHA256

    07895bdc63fbeca17c4c2e60885470b60d5c2d12d1905d55c651811e393613c2

  • SHA512

    cb9576b52183e2f8ceed1f215d544b58520840a70ace574d270fe90f3ecf70f42c9b0595db8b30b50f66704b3bb77339b22a786989cf48d8c1ad3104b10a401e

  • SSDEEP

    49152:sojlbp7NiiL/Dyae5u/yxn6n8hW4qINUcw0l:sqb1Niq/Dyx5u/yoi4U3l

Score
7/10
bootkitpersistence

Malware Config

Targets

    • Target

      07895bdc63fbeca17c4c2e60885470b60d5c2d12d1905d55c651811e393613c2

    • Size

      2.0MB

    • MD5

      6907cfa5464e6a5913b421825dce7111

    • SHA1

      778d3580e81e7b2bb3a16f17344c58a27fead198

    • SHA256

      07895bdc63fbeca17c4c2e60885470b60d5c2d12d1905d55c651811e393613c2

    • SHA512

      cb9576b52183e2f8ceed1f215d544b58520840a70ace574d270fe90f3ecf70f42c9b0595db8b30b50f66704b3bb77339b22a786989cf48d8c1ad3104b10a401e

    • SSDEEP

      49152:sojlbp7NiiL/Dyae5u/yxn6n8hW4qINUcw0l:sqb1Niq/Dyx5u/yoi4U3l

    Score
    7/10
    bootkitpersistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks