2c121a31ab2b5c06b634cec90b5479cb67afad53acd06e160ec5c065a8bc721d | Triage

Sharing

General

Target

360zipsetup_4.0.0.1460.exe.zip
Size

13.8MB
Sample

230331-gvm57sgf87
MD5

ef24bfa4dad1e018ae773ba21a56e683
SHA1

8d7d2c8777c96adc07a8a93c99d2a759bdbabdcc
SHA256

2c121a31ab2b5c06b634cec90b5479cb67afad53acd06e160ec5c065a8bc721d
SHA512

1291f22e778547efcad52c4b9684278c0c6dbd9e94c5bfe2b3cfccba676b2c568e6d7d270a58427fd94da0c469b7ed4f611002039e1bb3a3aa1e9738cbadeb48
SSDEEP

196608:sELgPYQfJoyvxYbGpCG1tGWDaEDZv0fbZJW8ewe0r3pIYpiV+VHecRvzNMGlRqaD:syghfJnxGICWtGeCyl26YpJ3iGnqaD

Score

7^/10

bootkit persistence

Malware Config

Targets

- Target
  
  360zipsetup_4.0.0.1460.exe
- Size
  
  14.4MB
- MD5
  
  13a651e07ec6db6937ba357c4e6e9af1
- SHA1
  
  0debe97109960ec4f428a2e68278340314351425
- SHA256
  
  1e131acb8cbb1b033ae3dec6fcadd06127f37adb3bbaa96cf75cd7096aa5ee1e
- SHA512
  
  0746ff003be2ef5ff1dd15dc19200e85e53798cd7338e8816c4ae0ae098e6571b65767d7ddd8b2bd7e83d18abeffd84303d0d437d3c05302cd65c4a93559e129
- SSDEEP
  
  393216:VLzjWQzeJD4bIPJpfp9c1EYBtF5kOF1C8p5isT:5zjWQ6OM18FueIQ
Score

7^/10

bootkit persistence
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence