Overview

overview

8

Static

static

1

_.exe

windows7-x64

8

_.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.929c3cadc1a37a6f11f9f2b473fa9518d3c4162480b90e517204842f1f809429.zip

  • Size

    145KB

  • Sample

    231116-wkcdaaed49

  • MD5

    743971bf2800191d1bfaf5a4255524d9

  • SHA1

    bd74ce4b28b2e14dedb8e4270a9c27d04fbcd8e0

  • SHA256

    929c3cadc1a37a6f11f9f2b473fa9518d3c4162480b90e517204842f1f809429

  • SHA512

    8b576661cbbb2dc471d2837998f528679dea5cf3b6a4eb0f834c109c3f41052ac03abce95ecf05c2edcd52ad7da1c0bc3dccff5a22b34896efb29fe5b10aa80b

  • SSDEEP

    3072:VR2wGoxr9+jKVpBCecDLm9Nf66A218+jpVd8yZW6FyFPFi9HQj:H2wB40JOmL6Vf8pVGbNi9wj

Score
8/10
bootkitpersistence

Malware Config

Targets

    • Target

      _

    • Size

      256KB

    • MD5

      56354f6191810e362bf2ae7b3f6e82b4

    • SHA1

      98260eb9dbec4ef777939937b4ca797ac336e3ff

    • SHA256

      95c16c2f74bfe9878117d341d4b259c5327f87fc10e8407b27e9a905aff0ac11

    • SHA512

      fb40abe4838e4026a4b1c826566454ff181e68bf7f7929777f2ea63e55a8242c65f12dffb274e8c46f5f1bcb7f42661c41e7b2a62ed39050814a45de54ab8b30

    • SSDEEP

      6144:bCfHrZae3GFqRQcMeh4WpywpjchNCPnAeb:bCfLZadcM24fRNXe

    Score
    8/10
    bootkitpersistence

    • Downloads MZ/PE file

    • Checks for any installed AV software in registry

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks