Overview

overview

6

Static

static

1

?????????_...35.exe

windows7-x64

1

?????????_...35.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c0285.zip

  • Size

    6.2MB

  • Sample

    230424-h8ml9sad76

  • MD5

    0698269d13a7279da93249c062a9bbf9

  • SHA1

    7787efc6d887e889af253da9df5e095ae312d5f9

  • SHA256

    eab6ae925008d0d0630c3db079d5473104bb254f99f1770b7ec06fefbda86527

  • SHA512

    65917b31179e35033382f783b41290cd87cbddfdda51a882d8adf2aaf5bd5817eb727bda2517399fc2aece00f7caac9e185435f5c427d226351d200dfdc154b7

  • SSDEEP

    98304:gP+7sWiuKxRCX+xT0FeY3bBQmlXjrl2yRgo80w0BazrsmorzaxwHqYJTNF1:U+guKL0FeY3dQQXjAR0BbrzaxwhF1

Score
6/10
bootkitdiscoverypersistence

Malware Config

Targets

    • Target

      ?????????_37162335.exe

    • Size

      6.7MB

    • MD5

      65c6c55ff7a297cb8038ed701d6cdef1

    • SHA1

      70bc9fabbc72224d3ad5ad54211e2e6865aefc9c

    • SHA256

      8f1d957803f3501d26f385df4f2f92408b9bd1cbf825ac7bce3584a495253486

    • SHA512

      80521a7a5592d6bd52187af31c6a293802a7d654308ec0f3aab234e3e0df294b7439d510973bc8db5ea85bb1a80e5532fdbcf9f75e401935046441065ab1dac6

    • SSDEEP

      98304:2TOYcpeE6kT/hh5UhamPSzGOljFbY/qAt8Z06Sgn6W9BO+xmLaGDaQHmm/z:moehkKhhaz/lBbY/qAtifSZOt8aeb

    Score
    6/10
    bootkitdiscoverypersistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

1
T1067

Privilege Escalation

Defense Evasion

Install Root Certificate

1
T1130

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks