48c0d78f60e73a397e46314ce6fba1c05cc32580de5edb5e7e8ff3289c5b47d9 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

download.js

windows10-1703-x64

8

Sharing

General

Target

download
Size

10KB
Sample

230331-v1gghadd2s
MD5

e72bc0f8a2e083f4688c9d99b0c1ce2a
SHA1

69ed473102e0e3b8ce235ead1155c1273823da8e
SHA256

48c0d78f60e73a397e46314ce6fba1c05cc32580de5edb5e7e8ff3289c5b47d9
SHA512

8848a42b1b7eb3d50515f8f4722169b505a59e8755a27abab329b74bc5b72b3882fcacb565547800654ad742a322dcc46715c9ca285a8a68bb3c411fbe13a1bd
SSDEEP

192:7YaCiN6A7eAmQZl5U3/EjCD2gOWlJiEuxBUaEFwP+6JttQximQ:7YMTZl5e/jD2gOiuxJEFwF4ximQ

Score

8^/10

bootkit persistence

Static task

static1

Behavioral task

behavioral1

Sample

download.js

Resource

win10-20230220-en

bootkit persistence

windows10-1703-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  download
- Size
  
  10KB
- MD5
  
  e72bc0f8a2e083f4688c9d99b0c1ce2a
- SHA1
  
  69ed473102e0e3b8ce235ead1155c1273823da8e
- SHA256
  
  48c0d78f60e73a397e46314ce6fba1c05cc32580de5edb5e7e8ff3289c5b47d9
- SHA512
  
  8848a42b1b7eb3d50515f8f4722169b505a59e8755a27abab329b74bc5b72b3882fcacb565547800654ad742a322dcc46715c9ca285a8a68bb3c411fbe13a1bd
- SSDEEP
  
  192:7YaCiN6A7eAmQZl5U3/EjCD2gOWlJiEuxBUaEFwP+6JttQximQ:7YMTZl5e/jD2gOiuxJEFwF4ximQ
Score

8^/10

bootkit persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Tasks

static1

behavioral1

bootkitpersistence

© 2018-2024

Terms | Privacy