Overview

overview

7

Static

static

1

DriverEasy.5.7.0.exe

windows7-x64

7

DriverEasy.5.7.0.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    DriverEasy.5.7.0.exe

  • Size

    3.9MB

  • Sample

    230404-yl8h8ahf77

  • MD5

    69a34500bdb95a4e6a408d859d86accd

  • SHA1

    ac6db3f7a982e9edb7d0c669ce0c43c37d6a5933

  • SHA256

    3d5b5be07939390fbfaf99686610df55d7c6eae7395c02a523f5028bd68fdb9e

  • SHA512

    a436250dbab821bba6c179a40d711f2c0d47b8fd675b249694837bfca9050eba2aee7e6d9ba902b26113cb960c2bdeee98dadcb840c0ff7473358ab0efaa5030

  • SSDEEP

    98304:1diPuVIBxzPqWFvZio5q8rKN+bEs1rpXlJROah:uuVI3zPquximq8FNN1x

Score
7/10
bootkitpersistence

Malware Config

Targets

    • Target

      DriverEasy.5.7.0.exe

    • Size

      3.9MB

    • MD5

      69a34500bdb95a4e6a408d859d86accd

    • SHA1

      ac6db3f7a982e9edb7d0c669ce0c43c37d6a5933

    • SHA256

      3d5b5be07939390fbfaf99686610df55d7c6eae7395c02a523f5028bd68fdb9e

    • SHA512

      a436250dbab821bba6c179a40d711f2c0d47b8fd675b249694837bfca9050eba2aee7e6d9ba902b26113cb960c2bdeee98dadcb840c0ff7473358ab0efaa5030

    • SSDEEP

      98304:1diPuVIBxzPqWFvZio5q8rKN+bEs1rpXlJROah:uuVI3zPquximq8FNN1x

    Score
    7/10
    bootkitpersistence

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

1
T1067

Privilege Escalation

Defense Evasion

Install Root Certificate

1
T1130

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

3
T1082

Query Registry

2
T1012

Peripheral Device Discovery

1
T1120

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks