33c7af1a17adced40378369575085a5640b2566b00176a85678eb115fae40113 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

kaspersky4...46.exe

windows7-x64

8

kaspersky4...46.exe

windows10-2004-x64

7

Sharing

General

Target

kaspersky4win202121.9.6.465es_37946.exe
Size

3.8MB
Sample

230402-t3hlxahc93
MD5

5216dcd8bc6e380cfc73d5ce12e94a1c
SHA1

2096a76335928955e65c76b1936da817b660b23c
SHA256

33c7af1a17adced40378369575085a5640b2566b00176a85678eb115fae40113
SHA512

325a1063e3e4f796ff5df907f334ef12a45e0c385ef38d5949275cd42a43cb8407f3e1e850edb7b8a81bb3125ef3df3c42e09d8659fdc36212f1adf75a35ee5f
SSDEEP

98304:fQFKOo1J9QennbKgb/LcPOc/KmCPOHxFvSeVEQaJU7pByrcGw:yo1fQenzbDcGc2mfJtm

Score

8^/10

bootkit evasion persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

kaspersky4win202121.9.6.465es_37946.exe

Resource

win7-20230220-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

kaspersky4win202121.9.6.465es_37946.exe

Resource

win10v2004-20230220-en

bootkit evasion persistence trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  kaspersky4win202121.9.6.465es_37946.exe
- Size
  
  3.8MB
- MD5
  
  5216dcd8bc6e380cfc73d5ce12e94a1c
- SHA1
  
  2096a76335928955e65c76b1936da817b660b23c
- SHA256
  
  33c7af1a17adced40378369575085a5640b2566b00176a85678eb115fae40113
- SHA512
  
  325a1063e3e4f796ff5df907f334ef12a45e0c385ef38d5949275cd42a43cb8407f3e1e850edb7b8a81bb3125ef3df3c42e09d8659fdc36212f1adf75a35ee5f
- SSDEEP
  
  98304:fQFKOo1J9QennbKgb/LcPOc/KmCPOHxFvSeVEQaJU7pByrcGw:yo1fQenzbDcGc2mfJtm
Score

8^/10

evasion trojan bootkit persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

bootkitevasionpersistencetrojan

© 2018-2024

Terms | Privacy