Overview

overview

6

Static

static

3

59613bb398...aa.exe

windows7-x64

6

59613bb398...aa.exe

windows10-2004-x64

6

Sharing

Copy URL Twitter E-mail

General

  • Target

    59613bb3985a9b60853d8df6d194dd9a26abe441b7ea8174dbfc8bffd6d85eaa

  • Size

    4.4MB

  • Sample

    230829-z21nzsba2w

  • MD5

    7c5eaf86659eae7804376ab6da29dd42

  • SHA1

    5a2143282ce601b13344954a6e5a7b244f960cf2

  • SHA256

    59613bb3985a9b60853d8df6d194dd9a26abe441b7ea8174dbfc8bffd6d85eaa

  • SHA512

    9049d9082f81f8d62e7fe08dd079321a0b3d849a9e8b72afa8469bafe1284fc624df904bb1f36a5fe0d30d9f3e3971c17eaf678760494bf92d369457a79bf14b

  • SSDEEP

    98304:4RJDQOUK5VVs0tA+tJ/7fwMaTmmneLtAxccKnktoK3ExvfamAZldb5+u4pTSACH:4TDQOUKFsWA+tJ/MNCBjutoK3EgRld1/

Score
6/10
bootkitpersistence

Malware Config

Targets

    • Target

      59613bb3985a9b60853d8df6d194dd9a26abe441b7ea8174dbfc8bffd6d85eaa

    • Size

      4.4MB

    • MD5

      7c5eaf86659eae7804376ab6da29dd42

    • SHA1

      5a2143282ce601b13344954a6e5a7b244f960cf2

    • SHA256

      59613bb3985a9b60853d8df6d194dd9a26abe441b7ea8174dbfc8bffd6d85eaa

    • SHA512

      9049d9082f81f8d62e7fe08dd079321a0b3d849a9e8b72afa8469bafe1284fc624df904bb1f36a5fe0d30d9f3e3971c17eaf678760494bf92d369457a79bf14b

    • SSDEEP

      98304:4RJDQOUK5VVs0tA+tJ/7fwMaTmmneLtAxccKnktoK3ExvfamAZldb5+u4pTSACH:4TDQOUKFsWA+tJ/MNCBjutoK3EgRld1/

    Score
    6/10
    bootkitpersistence

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks