Overview

overview

7

Static

static

1

2cfb677d3a...18.exe

windows7-x64

7

2cfb677d3a...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2cfb677d3ae3b818a9279d308e6b39f4a4972cbf705f749cfe278ecf1e80ee18

  • Size

    3.0MB

  • Sample

    230327-exhmdsbf37

  • MD5

    a2cbbb7be83262b8f6c91c74c509090f

  • SHA1

    51dec9a6e835b791167d9dc642ad3236c0f2a9c9

  • SHA256

    2cfb677d3ae3b818a9279d308e6b39f4a4972cbf705f749cfe278ecf1e80ee18

  • SHA512

    63ea5bde65d515ddfca0209f0229ba88bf433b53ec6a6b0976bc246ad4f2b3544355197a9d437e39950a7615326652d077c8f95f3d5a0621e972c858838cf1c5

  • SSDEEP

    49152:E5lfUp//wVRaDKhpZUE0BvfiJogNugCZFiHCMVdI0i0+VOmUYuGseW:E5lfU5/wbh+E0BvfiJ1A4iMVd4dVxUY0

Score
7/10
bootkitpersistence

Malware Config

Targets

    • Target

      2cfb677d3ae3b818a9279d308e6b39f4a4972cbf705f749cfe278ecf1e80ee18

    • Size

      3.0MB

    • MD5

      a2cbbb7be83262b8f6c91c74c509090f

    • SHA1

      51dec9a6e835b791167d9dc642ad3236c0f2a9c9

    • SHA256

      2cfb677d3ae3b818a9279d308e6b39f4a4972cbf705f749cfe278ecf1e80ee18

    • SHA512

      63ea5bde65d515ddfca0209f0229ba88bf433b53ec6a6b0976bc246ad4f2b3544355197a9d437e39950a7615326652d077c8f95f3d5a0621e972c858838cf1c5

    • SSDEEP

      49152:E5lfUp//wVRaDKhpZUE0BvfiJogNugCZFiHCMVdI0i0+VOmUYuGseW:E5lfU5/wbh+E0BvfiJ1A4iMVd4dVxUY0

    Score
    7/10
    bootkitpersistence

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

1
T1067

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks