Overview

overview

7

Static

static

7

6c502b0ee6...29.exe

windows7-x64

7

6c502b0ee6...29.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6c502b0ee6d7182d2269d0c441a63747312c2cc06f8b98a49cf3057ddb565129

  • Size

    6.0MB

  • Sample

    231011-thdgfsbd68

  • MD5

    84bda1cf5f48bfd47d3eb310d50da81d

  • SHA1

    2fb82fd0f8904855e6e6f0b9ebece6b32c6862e1

  • SHA256

    6c502b0ee6d7182d2269d0c441a63747312c2cc06f8b98a49cf3057ddb565129

  • SHA512

    ab3e88250bdecb40055bdc6b7af371e192214a261440a237fd51fe460014b06bb6b9553d52d0e2008e96a60202156745d36ce2ec5d0a17ab543f9501b1e1a72d

  • SSDEEP

    98304:jEpuvS7PEk5/jZMFUkWL+ikliXR+4qm5BmRmYYcQKNmL6yiwNUvZcmz9J:jiuvQ0SkWLLf+4FZwNv3cE9J

Score
7/10
bootkitpersistencevmprotect

Malware Config

Targets

    • Target

      6c502b0ee6d7182d2269d0c441a63747312c2cc06f8b98a49cf3057ddb565129

    • Size

      6.0MB

    • MD5

      84bda1cf5f48bfd47d3eb310d50da81d

    • SHA1

      2fb82fd0f8904855e6e6f0b9ebece6b32c6862e1

    • SHA256

      6c502b0ee6d7182d2269d0c441a63747312c2cc06f8b98a49cf3057ddb565129

    • SHA512

      ab3e88250bdecb40055bdc6b7af371e192214a261440a237fd51fe460014b06bb6b9553d52d0e2008e96a60202156745d36ce2ec5d0a17ab543f9501b1e1a72d

    • SSDEEP

      98304:jEpuvS7PEk5/jZMFUkWL+ikliXR+4qm5BmRmYYcQKNmL6yiwNUvZcmz9J:jiuvQ0SkWLLf+4FZwNv3cE9J

    Score
    7/10
    bootkitpersistencevmprotect

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks