f73b94d8b36e8a00d4b29fd9f739a541f338caa8b78aa803e7a0bcf7edfe80a2 | Triage

Sharing

General

Target

360zip_setup_1.0.0.1041.exe
Size

6.5MB
Sample

230613-ynkj6sbh2s
MD5

5a06a89102b2760cf636e94465453ae3
SHA1

fdc07660d7f4607469ea442ed74d5c06d6c7b248
SHA256

f73b94d8b36e8a00d4b29fd9f739a541f338caa8b78aa803e7a0bcf7edfe80a2
SHA512

964400bee8010a3d95a97000e8c3fe20be5314f48e60a97aef20e6c001c05d8ba84d53fd336c2d956fd273f2c542c0ef4741e4888546d698bd522ace5d03aaf9
SSDEEP

196608:Sts5DnOizPzfN/lRI3ueF0IvmdbQUfpSeG+4Yx67pyeQCaZ+:Sts5nz7f5gtqlbQU4eG+44EypCa8

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  360zip_setup_1.0.0.1041.exe
- Size
  
  6.5MB
- MD5
  
  5a06a89102b2760cf636e94465453ae3
- SHA1
  
  fdc07660d7f4607469ea442ed74d5c06d6c7b248
- SHA256
  
  f73b94d8b36e8a00d4b29fd9f739a541f338caa8b78aa803e7a0bcf7edfe80a2
- SHA512
  
  964400bee8010a3d95a97000e8c3fe20be5314f48e60a97aef20e6c001c05d8ba84d53fd336c2d956fd273f2c542c0ef4741e4888546d698bd522ace5d03aaf9
- SSDEEP
  
  196608:Sts5DnOizPzfN/lRI3ueF0IvmdbQUfpSeG+4Yx67pyeQCaZ+:Sts5nz7f5gtqlbQU4eG+44EypCa8
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence