Overview

overview

7

Static

static

1

kaspersky.exe

windows10-1703-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    kaspersky.exe

  • Size

    2.6MB

  • Sample

    230402-yllpfsac32

  • MD5

    3071557264428b5f2ba67708401db241

  • SHA1

    6709985adf590690fa23c2ed1558302d9a408cb5

  • SHA256

    fa941c8e6fadbd6cde8f65c2b4e7fd30ec02249f0baa4d05ed018eefe796b519

  • SHA512

    e3314fd377131510ccb3a140608b26fcbc023d9b636b0e96c0a7b19377883c792c62000ff15c1211b5f32470ed49492f3f85966869d904bae3dd1dbabc4863e7

  • SSDEEP

    49152:Z47Nlau3ZjJvDrOV9Gcwb/alTe/iXMNLdcE/EBSDre/2jX87P:ZeNlau3lJOV9GvZbRDe/2z

Score
7/10
bootkitevasionpersistencetrojan

Malware Config

Targets

    • Target

      kaspersky.exe

    • Size

      2.6MB

    • MD5

      3071557264428b5f2ba67708401db241

    • SHA1

      6709985adf590690fa23c2ed1558302d9a408cb5

    • SHA256

      fa941c8e6fadbd6cde8f65c2b4e7fd30ec02249f0baa4d05ed018eefe796b519

    • SHA512

      e3314fd377131510ccb3a140608b26fcbc023d9b636b0e96c0a7b19377883c792c62000ff15c1211b5f32470ed49492f3f85966869d904bae3dd1dbabc4863e7

    • SSDEEP

      49152:Z47Nlau3ZjJvDrOV9Gcwb/alTe/iXMNLdcE/EBSDre/2jX87P:ZeNlau3lJOV9GvZbRDe/2z

    Score
    7/10
    bootkitevasionpersistencetrojan

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks for any installed AV software in registry

    • Checks whether UAC is enabled

      evasiontrojan

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

1
T1067

Privilege Escalation

Defense Evasion

Install Root Certificate

1
T1130

Modify Registry

1
T1112

Credential Access

Discovery

Security Software Discovery

1
T1063

System Information Discovery

4
T1082

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks