General

  • Target

    网络测速.exe

  • Size

    2.7MB

  • Sample

    230815-kkx47shg46

  • MD5

    2da4af50967e752fdb5793b2cebcc847

  • SHA1

    124f61c5629be00a41eebcee440cd4cd52fd96c9

  • SHA256

    785a02d157aaeba669b379c96ea26320f7a994f9fd3e4c1c5850550c7f372989

  • SHA512

    0d5e14b6d7d5c29f782db56bc11e7e4d1dafb69c20c476a07ecb2010b10e038049b8f4bd295d1c630c35f257b472e63994d228674fb537ece36337507509e368

  • SSDEEP

    49152:qSVN8XUBKGA9oD+xEBJQZcaDdVCQo0YpEHkMqZ+x8gUB:qSQXUG9oDnJQWaDdOpCdqRdB

Targets

    • Target

      网络测速.exe

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.
