Overview

overview

7

Static

static

7

__robi/adm...up.exe

windows7-x64

7

__robi/adm...up.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    b4ebb1121419d1acbafac62102c2963fd88b9dd007f012139c74cd3351af7e83.zip.zip

  • Size

    1.1MB

  • Sample

    231107-q2w65age89

  • MD5

    d96c0c3824b067e189bc114170c32ae8

  • SHA1

    8a9250123046635c527176ddfbdbefe464c6ecb0

  • SHA256

    ab23d783682ae6e67916c49a740d37645d8838ba7ac0d2d560827e8f29f09163

  • SHA512

    7455f23d6e4df6e8204b7f43f3e3ccf1e67f3eeb3369984f719d54e3017a9f886c078af915252162919379bde07d930b1a13af593e367b776a181353c6094690

  • SSDEEP

    24576:kuDFs0v4Qrd+zGAdjSjkYnpedsNy5Bq53W5a7BA:Fs84qQzGgSjkOedj5I53IwBA

Score
7/10
bootkitpersistenceupx

Malware Config

Targets

    • Target

      __robi/admiralmarkets4setup.exe

    • Size

      1.2MB

    • MD5

      e163606b2d4a75f5f20df3288d14c4a9

    • SHA1

      3a4be7c667221e45cc48258f90747440f33229e5

    • SHA256

      2ed30cee0b5955c9d68b6f0fdd84d1fc9d6bdeeb681059290ea6858578495725

    • SHA512

      1930b0a3b5472c28801b2465d5e944407054856b50e48e5980d694e439aa96214baf56bbc99ecf47c0ea365e36e766db68d617792bf080d02ed438e88bed45f5

    • SSDEEP

      24576:ypYrVTcx9jHNB6ftPIkvCzM5KKZfWcfb0sC4a/ym/i2paIKuO4ko:ypy49bNBetPIkBKKZfWcAWaKm/Bp5O4b

    Score
    7/10
    bootkitpersistenceupx

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks