Overview

overview

8

Static

static

1

FREEEEEEE

windows10-1703-x64

8

Resubmissions

07-05-2023 19:40

230507-ydqnfaff43 8

07-05-2023 19:37

230507-yb1qmahd4y 8

07-05-2023 19:33

230507-x919daff27 1

07-05-2023 19:30

230507-x7y18sfe98 1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    FREEEEEEE

  • Size

    3KB

  • Sample

    230507-yb1qmahd4y

  • MD5

    b67b3eaa163ae4edf089f487e40b351e

  • SHA1

    c57eee377f00bcbaf84b2cc3102a725daadbf8c7

  • SHA256

    9d059fe6ada9d5860401ea028e40dbf231b9e41f3f88a7d0d04136214c596a96

  • SHA512

    c4f5af4346f87e6e3454b889e53fd0a7b54e2d3fdadc7a71ba9f50f4ac88c1aee6563a745282059a94218926b7861d8cd0f88ea30ef351b319fabd6d286bfb71

Score
8/10
bootkitpersistence

Malware Config

Targets

    • Target

      FREEEEEEE

    • Size

      3KB

    • MD5

      b67b3eaa163ae4edf089f487e40b351e

    • SHA1

      c57eee377f00bcbaf84b2cc3102a725daadbf8c7

    • SHA256

      9d059fe6ada9d5860401ea028e40dbf231b9e41f3f88a7d0d04136214c596a96

    • SHA512

      c4f5af4346f87e6e3454b889e53fd0a7b54e2d3fdadc7a71ba9f50f4ac88c1aee6563a745282059a94218926b7861d8cd0f88ea30ef351b319fabd6d286bfb71

    Score
    8/10
    bootkitpersistence

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • Legitimate hosting services abused for malware hosting/C2

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1

MITRE ATT&CK Enterprise v6

Tasks