Overview

overview

7

Static

static

7

Aws.exe

windows7-x64

6

Aws.exe

windows10-2004-x64

6

Sharing

Copy URL Twitter E-mail

General

  • Target

    Aws.exe

  • Size

    722KB

  • Sample

    230831-gr8mqsde85

  • MD5

    1e796ab2da4144d4ccdf037433a511b2

  • SHA1

    199f386b98e996d8647a36ce5c3d30fc080e69bd

  • SHA256

    e2c2f31d5a3958eac70ec10439100cabc0557950282300497673792c6e2bb4e1

  • SHA512

    4113e518d024010db687882a448282d7af9c0d13caa6ec0f2520a2f57a19cc4df05449aed107c5db7f460a79e567999becb0cf4970473721371f162284057e11

  • SSDEEP

    12288:eAjq4FpXdEQVyDLYRx1DOkl4vF4iPlAVrV2nc9dnbPk41CxmIuqNX0baMKtj:1+mXmtLYRKkI4ilAV0nIRbkhU1qNlMs

Score
7/10
aspackv2bootkitpersistence

Malware Config

Targets

    • Target

      Aws.exe

    • Size

      722KB

    • MD5

      1e796ab2da4144d4ccdf037433a511b2

    • SHA1

      199f386b98e996d8647a36ce5c3d30fc080e69bd

    • SHA256

      e2c2f31d5a3958eac70ec10439100cabc0557950282300497673792c6e2bb4e1

    • SHA512

      4113e518d024010db687882a448282d7af9c0d13caa6ec0f2520a2f57a19cc4df05449aed107c5db7f460a79e567999becb0cf4970473721371f162284057e11

    • SSDEEP

      12288:eAjq4FpXdEQVyDLYRx1DOkl4vF4iPlAVrV2nc9dnbPk41CxmIuqNX0baMKtj:1+mXmtLYRKkI4ilAV0nIRbkhU1qNlMs

    Score
    6/10
    bootkitpersistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks