Overview

overview

7

Static

static

3

711a4cbfd3...b1.exe

windows7-x64

7

711a4cbfd3...b1.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    711a4cbfd3679dba6ea55ad8843f7583fc16f92c7885d4e91ed3847724fc94b1

  • Size

    4.8MB

  • Sample

    231008-zvq6zaad58

  • MD5

    faad5480bf069d1925da8c40d910d7ba

  • SHA1

    d6cd814d913f31ca62e8bbea2ec746c9351f0803

  • SHA256

    711a4cbfd3679dba6ea55ad8843f7583fc16f92c7885d4e91ed3847724fc94b1

  • SHA512

    79c317c5937030edc388f5134a75837f0fcf85682b974a8facf241a676ed1ae5f7c38bba3c88152bb2f88717e892ba19a92a88c4ebdfc0a8e9ce8b3ccdd2bcfc

  • SSDEEP

    98304:dz9qPaEv3SpsRhVPDcurz0U8lF8aWHTdPNt5Lq+mFKpl4:uHThVIkb878a0TlR44pl4

Score
7/10
bootkitpersistenceupx

Malware Config

Targets

    • Target

      711a4cbfd3679dba6ea55ad8843f7583fc16f92c7885d4e91ed3847724fc94b1

    • Size

      4.8MB

    • MD5

      faad5480bf069d1925da8c40d910d7ba

    • SHA1

      d6cd814d913f31ca62e8bbea2ec746c9351f0803

    • SHA256

      711a4cbfd3679dba6ea55ad8843f7583fc16f92c7885d4e91ed3847724fc94b1

    • SHA512

      79c317c5937030edc388f5134a75837f0fcf85682b974a8facf241a676ed1ae5f7c38bba3c88152bb2f88717e892ba19a92a88c4ebdfc0a8e9ce8b3ccdd2bcfc

    • SSDEEP

      98304:dz9qPaEv3SpsRhVPDcurz0U8lF8aWHTdPNt5Lq+mFKpl4:uHThVIkb878a0TlR44pl4

    Score
    7/10
    upxbootkitpersistence

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks