General

  • Target

    定制版.exe

  • Size

    2.1MB

  • Sample

    230721-wb5cpsgf6w

  • MD5

    aae1b4342f51b3d86c079495d51e3c14

  • SHA1

    339b0b3d3c9731c4635967ef0204a9632652d7b7

  • SHA256

    18b2dbb8e841d1dec7f78133337cacf10660e137606c9ae828da82208e8a64c7

  • SHA512

    646c774e6cfe1cc028b3a8b96115b1b6e957e4beb3f88c6afbd85689b307ce53a6d558750a8bf34b6f0e90e611d11e18b43964e7c42119c22d4862e7add76c70

  • SSDEEP

    24576:ej4xwmbjW8Xi7UxyhKGQnNO3/Pi0vhTrlwTYs42cYbDyGWBVGZu8BlscURqxbhto:emxHnNWxXhAyGWv4uAPx9to

Malware Config

Targets

    • Downloads MZ/PE file

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks