Overview

overview

8

Static

static

1

free-fire-...-1.exe

windows7-x64

8

free-fire-...-1.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    free-fire-gameloop-1-94-1.exe

  • Size

    3.6MB

  • Sample

    230325-t5jlzsfe9z

  • MD5

    4dd66324d20bb685f7186f5759db3996

  • SHA1

    9d9377f2a3817f7cfb2994585a26bc18785858d2

  • SHA256

    3a2846143d7bf192e0dc3bcdbe6245ebc71cbc8de527f07b194e1e559c74fdac

  • SHA512

    0126e01073374400598660bce59145c7b12bfcea3efdf0e30f1faa5acc7c7b3fdef608af1459da9951ce546f5f3b02e97b4c657a2bd271aa7663e1c77cda64b4

  • SSDEEP

    98304:yTyXLwBG1SqaMx+Ww1hWu0Dr74tKEhqt6:yTBACww6DI4mq8

Score
8/10
bootkitpersistence

Malware Config

Targets

    • Target

      free-fire-gameloop-1-94-1.exe

    • Size

      3.6MB

    • MD5

      4dd66324d20bb685f7186f5759db3996

    • SHA1

      9d9377f2a3817f7cfb2994585a26bc18785858d2

    • SHA256

      3a2846143d7bf192e0dc3bcdbe6245ebc71cbc8de527f07b194e1e559c74fdac

    • SHA512

      0126e01073374400598660bce59145c7b12bfcea3efdf0e30f1faa5acc7c7b3fdef608af1459da9951ce546f5f3b02e97b4c657a2bd271aa7663e1c77cda64b4

    • SSDEEP

      98304:yTyXLwBG1SqaMx+Ww1hWu0Dr74tKEhqt6:yTBACww6DI4mq8

    Score
    8/10
    bootkitpersistence

    • Downloads MZ/PE file

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

1
T1067

Privilege Escalation

Defense Evasion

Install Root Certificate

1
T1130

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks