Overview

overview

8

Static

static

1

MovaviVide...o_.exe

windows7-x64

8

MovaviVide...o_.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    MovaviVideoEditorPlusSetupC_Wnzkvto_.exe

  • Size

    1.9MB

  • Sample

    230509-s5y61acf48

  • MD5

    1176914c8a8cfee425ba582c595065d6

  • SHA1

    3f38397cd5e7aa69902badf6d7b9b935f5e822df

  • SHA256

    9bb1ffc5759cda1bf670be9acfe8626abfdb3b23b50504e4dfc00b609df2b7ad

  • SHA512

    e6597857c382b8e52f3080f75b442b3347abde1213c9b0ea53ffb8f6c42f14e4d138f46c1d116cb864f5808d33b916a633c0beef7db578599328d7474cf914f5

  • SSDEEP

    49152:lvhlHWBwS6D7ddSNPHu0gbZs3HaGYLWEdZYgVbBr:RLHW2ZWH5gO3HXYLu2

Score
8/10
bootkitpersistence

Malware Config

Targets

    • Target

      MovaviVideoEditorPlusSetupC_Wnzkvto_.exe

    • Size

      1.9MB

    • MD5

      1176914c8a8cfee425ba582c595065d6

    • SHA1

      3f38397cd5e7aa69902badf6d7b9b935f5e822df

    • SHA256

      9bb1ffc5759cda1bf670be9acfe8626abfdb3b23b50504e4dfc00b609df2b7ad

    • SHA512

      e6597857c382b8e52f3080f75b442b3347abde1213c9b0ea53ffb8f6c42f14e4d138f46c1d116cb864f5808d33b916a633c0beef7db578599328d7474cf914f5

    • SSDEEP

      49152:lvhlHWBwS6D7ddSNPHu0gbZs3HaGYLWEdZYgVbBr:RLHW2ZWH5gO3HXYLu2

    Score
    8/10
    bootkitpersistence

    • Downloads MZ/PE file

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

1
T1067

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks