Overview

overview

7

Static

static

7

11953def2b...0a.exe

windows7-x64

7

11953def2b...0a.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    11953def2b54caf2cc8047539919d81db215df80e3729a96e819bee0bd608a0a

  • Size

    1.4MB

  • Sample

    230827-q77j2sbg6x

  • MD5

    4bf8f666ef9495d9906b2628f1270a23

  • SHA1

    71fbca1f172d0e0bdccb4f721decc54befa3b701

  • SHA256

    11953def2b54caf2cc8047539919d81db215df80e3729a96e819bee0bd608a0a

  • SHA512

    45e38f64c5c218dafbe847fa8cf87f26c5d8189951e2cbfb37525a56162e5829f3345759a18b0973a3841b058d7e39d02a2900d1a0afc4b7aa4b2a0dc2d3532c

  • SSDEEP

    24576:FXrEWDkg/KUZpsk+M/PlZ545ONljXzTbiHvLuNM8Oc0/EkSCj:1bk+jsnM/PlZqKJzaHCNPOphD

Score
7/10
bootkitpersistenceupx

Malware Config

Targets

    • Target

      11953def2b54caf2cc8047539919d81db215df80e3729a96e819bee0bd608a0a

    • Size

      1.4MB

    • MD5

      4bf8f666ef9495d9906b2628f1270a23

    • SHA1

      71fbca1f172d0e0bdccb4f721decc54befa3b701

    • SHA256

      11953def2b54caf2cc8047539919d81db215df80e3729a96e819bee0bd608a0a

    • SHA512

      45e38f64c5c218dafbe847fa8cf87f26c5d8189951e2cbfb37525a56162e5829f3345759a18b0973a3841b058d7e39d02a2900d1a0afc4b7aa4b2a0dc2d3532c

    • SSDEEP

      24576:FXrEWDkg/KUZpsk+M/PlZ545ONljXzTbiHvLuNM8Oc0/EkSCj:1bk+jsnM/PlZqKJzaHCNPOphD

    Score
    7/10
    bootkitpersistenceupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks