Overview

overview

7

Static

static

1

36a2c605f2...aa.exe

windows7-x64

7

36a2c605f2...aa.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    36a2c605f21c340257c07271d7e710014b96cad761bd4e68e69dc467eced5eaa

  • Size

    3.0MB

  • Sample

    230407-e2fnlagc45

  • MD5

    dd60ed970e7b840688eaa33901d23a2a

  • SHA1

    d1bbbba77ee88789ba026737e6fd2300e1c230ab

  • SHA256

    36a2c605f21c340257c07271d7e710014b96cad761bd4e68e69dc467eced5eaa

  • SHA512

    428b793b5a6c1697ba0883581122eb480353aef349ad03733ed2e7fdcecfc3c0ee87565714c45c678a2d4e0659ebd93d84480294301153b8656fe61f9336a069

  • SSDEEP

    49152:WH5lTSK1Rxg5hywNnYuqu3VTAhBfNkwtUuxqE3TKcrGzKEEIhf31jLa:WH5ZN1RxwEAnYJKqfN5tUuxOK8313a

Score
7/10
bootkitpersistence

Malware Config

Targets

    • Target

      36a2c605f21c340257c07271d7e710014b96cad761bd4e68e69dc467eced5eaa

    • Size

      3.0MB

    • MD5

      dd60ed970e7b840688eaa33901d23a2a

    • SHA1

      d1bbbba77ee88789ba026737e6fd2300e1c230ab

    • SHA256

      36a2c605f21c340257c07271d7e710014b96cad761bd4e68e69dc467eced5eaa

    • SHA512

      428b793b5a6c1697ba0883581122eb480353aef349ad03733ed2e7fdcecfc3c0ee87565714c45c678a2d4e0659ebd93d84480294301153b8656fe61f9336a069

    • SSDEEP

      49152:WH5lTSK1Rxg5hywNnYuqu3VTAhBfNkwtUuxqE3TKcrGzKEEIhf31jLa:WH5ZN1RxwEAnYJKqfN5tUuxOK8313a

    Score
    7/10
    bootkitpersistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

1
T1067

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks