d9f2b3469bf9feb804c30767ecffb9a63e21c79cd3dd1b11a1d04080b130b8c8 | Triage

Submit
Reports

Overview

overview

9

Static

static

1

MTK_Driver...04.exe

windows7-x64

9

MTK_Driver...04.exe

windows10-2004-x64

7

Sharing

General

Target

MTK_Driver_Auto_Installer_SP_Drivers_20160804.exe
Size

8.9MB
Sample

230328-yhvsyseg4t
MD5

2864e74ddbee0511dc655a73d2b96f2e
SHA1

baa9d261dcbaa6a30b639c89e5208d78d0e20975
SHA256

d9f2b3469bf9feb804c30767ecffb9a63e21c79cd3dd1b11a1d04080b130b8c8
SHA512

1b5718a9560182fc93ff2fa22ea2b7d7235f32cc50a1babc945dfa13c62ad95e14b30c9a8fc1171b01452d64cc989f6c4c1c709b28aa3236ee15e1020cee05d8
SSDEEP

196608:VtlqUHji9m0wvEHScntY7yGFVZlHIW25aVt81bH:RpDT04EbwyWZtw53H

Score

9^/10

discovery evasion ransomware

Static task

static1

Behavioral task

behavioral1

Sample

MTK_Driver_Auto_Installer_SP_Drivers_20160804.exe

Resource

win7-20230220-en

discovery evasion ransomware

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

MTK_Driver_Auto_Installer_SP_Drivers_20160804.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  MTK_Driver_Auto_Installer_SP_Drivers_20160804.exe
- Size
  
  8.9MB
- MD5
  
  2864e74ddbee0511dc655a73d2b96f2e
- SHA1
  
  baa9d261dcbaa6a30b639c89e5208d78d0e20975
- SHA256
  
  d9f2b3469bf9feb804c30767ecffb9a63e21c79cd3dd1b11a1d04080b130b8c8
- SHA512
  
  1b5718a9560182fc93ff2fa22ea2b7d7235f32cc50a1babc945dfa13c62ad95e14b30c9a8fc1171b01452d64cc989f6c4c1c709b28aa3236ee15e1020cee05d8
- SSDEEP
  
  196608:VtlqUHji9m0wvEHScntY7yGFVZlHIW25aVt81bH:RpDT04EbwyWZtw53H
Score

9^/10

discovery evasion ransomware
- Modifies boot configuration data using bcdedit
  ransomware evasion
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

discoveryevasionransomware

behavioral2

© 2018-2024

Terms | Privacy