Overview

overview

7

Static

static

7

Qemu启动...��.exe

windows7-x64

6

Qemu启动...��.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Qemu启动测试器.exe

  • Size

    3.0MB

  • Sample

    230614-wneykscb76

  • MD5

    017e84bf04407f1282cdd3e472f0e69c

  • SHA1

    208e776f2138c2f29394916bf8cc091745dfbccd

  • SHA256

    bd231c53660f048d52e57262995e2df144262050a7f0d250b0e15ed192a75691

  • SHA512

    c002ecb88992cf8e3246d1fe229cd8381f9e1aef22e6090c1fae5f5aaef778afed0c858115aaf671459b23a5eacbd7223064bf33af105e4ac67a6a16979ca7f4

  • SSDEEP

    49152:b8ep2+XDhj2hKdu1SRuX6VFm7N++3HqXz2gTf1iwyJPw5j32Zw59k:bJ2+Xd6ME625yD8xBC3249k

Score
7/10
aspackv2bootkitpersistence

Malware Config

Targets

    • Target

      Qemu启动测试器.exe

    • Size

      3.0MB

    • MD5

      017e84bf04407f1282cdd3e472f0e69c

    • SHA1

      208e776f2138c2f29394916bf8cc091745dfbccd

    • SHA256

      bd231c53660f048d52e57262995e2df144262050a7f0d250b0e15ed192a75691

    • SHA512

      c002ecb88992cf8e3246d1fe229cd8381f9e1aef22e6090c1fae5f5aaef778afed0c858115aaf671459b23a5eacbd7223064bf33af105e4ac67a6a16979ca7f4

    • SSDEEP

      49152:b8ep2+XDhj2hKdu1SRuX6VFm7N++3HqXz2gTf1iwyJPw5j32Zw59k:bJ2+Xd6ME625yD8xBC3249k

    Score
    6/10
    bootkitpersistence

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

1
T1067

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks