Resubmissions

17/05/2023, 13:36

230517-qv9tmsec31 6

17/05/2023, 13:05

230517-qbj4wafb27 6

General

  • Target

    avast_vpn_online_setup.exe

  • Size

    1.2MB

  • Sample

    230517-qv9tmsec31

  • MD5

    db77d708cbb452bb492e3df66e362e4a

  • SHA1

    354f6c9d03bd1b9841bea4204a6c2eb82bbf2edb

  • SHA256

    569097d5b9ea1bbd528be5a41948a6778a5b4dc8ce72809072e1aa42d790b4e7

  • SHA512

    29ce41ac9516f87183c0765176002752a4a19c728203c4a2b1b21191be78942acca6fef2403e4f21bf12bb5c0532ba9457e3af9a9d33d6b5cad04c7fa07aaaba

  • SSDEEP

    24576:ncyvw2M/r6mEusqK01BooooEbiiIHBlPa1GJdO+eUBP1StMP4ND4:nhOrzE6ooooECK1GJdO+eiP1StZND4

Score
6/10

Targets

    • Target

      avast_vpn_online_setup.exe

    Score
    6/10
    • Adds Run key to start application

    • Drops Chrome extension

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
