Overview

overview

7

Static

static

7

bacef0c983...7b.exe

windows7-x64

7

bacef0c983...7b.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bacef0c983a1bc1bf5a48cf61ed4397c5b070f824e74e6f9f1aa24cb7f28097b

  • Size

    1.4MB

  • Sample

    230825-bc4gksgc87

  • MD5

    2a14734eaa048b443d11d2c73ccbc107

  • SHA1

    409d00ad93c2b7037d56bb722ea8c009366be36d

  • SHA256

    bacef0c983a1bc1bf5a48cf61ed4397c5b070f824e74e6f9f1aa24cb7f28097b

  • SHA512

    28d9e9e32845c5402898fa1d6b7c978e9c36f1edb1db093b3eda2d7eceb645f6e74df238c76a178f402b96f9bd1f22fc869c26ca90cdc7258e4fd9598688d6ef

  • SSDEEP

    24576:BuW/ZvmZbl0S8Dg9lm/GosiYce7Kw3miTz6kDpBqSwV50dCWLAPJVk6Rx1:BuW/ZOycvmuPiJSKwWiTz3D+X0kW0PJ5

Score
7/10
bootkitpersistencevmprotect

Malware Config

Targets

    • Target

      bacef0c983a1bc1bf5a48cf61ed4397c5b070f824e74e6f9f1aa24cb7f28097b

    • Size

      1.4MB

    • MD5

      2a14734eaa048b443d11d2c73ccbc107

    • SHA1

      409d00ad93c2b7037d56bb722ea8c009366be36d

    • SHA256

      bacef0c983a1bc1bf5a48cf61ed4397c5b070f824e74e6f9f1aa24cb7f28097b

    • SHA512

      28d9e9e32845c5402898fa1d6b7c978e9c36f1edb1db093b3eda2d7eceb645f6e74df238c76a178f402b96f9bd1f22fc869c26ca90cdc7258e4fd9598688d6ef

    • SSDEEP

      24576:BuW/ZvmZbl0S8Dg9lm/GosiYce7Kw3miTz6kDpBqSwV50dCWLAPJVk6Rx1:BuW/ZOycvmuPiJSKwWiTz3D+X0kW0PJ5

    Score
    7/10
    bootkitpersistencevmprotect

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks