Overview

overview

7

Static

static

7

fad5486fb2...08.exe

windows7-x64

7

fad5486fb2...08.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    fad5486fb26247e5802c15f4a4b81a36a040623dfe5571e0f8ebe54ebb1a4608

  • Size

    15.3MB

  • Sample

    230922-cpe57adh97

  • MD5

    97b618266170a9296210e2573fd60624

  • SHA1

    33f89a6ed1317dbda4e177a177e029196d44520d

  • SHA256

    fad5486fb26247e5802c15f4a4b81a36a040623dfe5571e0f8ebe54ebb1a4608

  • SHA512

    81353991308ddd614c57d50b2b7b603479005373ce745dd13cdf42fcfd8b95af0001bc3e94b9f25ac6dd05461647892885eaecd3374fd3827babb73f26820f25

  • SSDEEP

    196608:BsbWP0sNrbLBcwV276pim9EqUGaoP/jgJLQLkJBJ5HDbhN36M0qVH/a58TC:BkWJNr2WjiNFBJ/NJdyCm

Score
7/10
bootkitpersistenceupxvmprotect

Malware Config

Targets

    • Target

      fad5486fb26247e5802c15f4a4b81a36a040623dfe5571e0f8ebe54ebb1a4608

    • Size

      15.3MB

    • MD5

      97b618266170a9296210e2573fd60624

    • SHA1

      33f89a6ed1317dbda4e177a177e029196d44520d

    • SHA256

      fad5486fb26247e5802c15f4a4b81a36a040623dfe5571e0f8ebe54ebb1a4608

    • SHA512

      81353991308ddd614c57d50b2b7b603479005373ce745dd13cdf42fcfd8b95af0001bc3e94b9f25ac6dd05461647892885eaecd3374fd3827babb73f26820f25

    • SSDEEP

      196608:BsbWP0sNrbLBcwV276pim9EqUGaoP/jgJLQLkJBJ5HDbhN36M0qVH/a58TC:BkWJNr2WjiNFBJ/NJdyCm

    Score
    7/10
    bootkitpersistenceupxvmprotect

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks