General

  • Target

    8c203e9538af14136b66bc256c171b7408f79bcc8272f9718f60495ad7692dec

  • Size

    1.9MB

  • Sample

    231127-rbt5hsgh8y

  • MD5

    b6405dc88534d366442b5d4893c75347

  • SHA1

    bcfbaa5e4abf3f9fbd2684ec77621d7b89a73784

  • SHA256

    8c203e9538af14136b66bc256c171b7408f79bcc8272f9718f60495ad7692dec

  • SHA512

    9c05e5c16f8f6a7d7a55dbe5dacfb440ef39d967489858c382451625a2811f680357dce8c56150a20c0619573d6276f25d030036d838904b7e2f0f69b172fe97

  • SSDEEP

    49152:xUClgvW6iTq9aa4K8BIq6qih8DmGOlxB7f5yLSw87k:2Cl+/iGaaVPt8Di6NYk

Targets

    • Target

      Imagew 3.60_x64/Imagew64.exe

    • Size

      1.5MB

    • MD5

      49e1892ff33a28b060c22e21ffab08ca

    • SHA1

      30c423e9fafaaab3406180e74629eeed0be8f8ac

    • SHA256

      109354643cf63f2a75d5b53ce81cde4d748ee08731c0123143405d01a4896239

    • SHA512

      4065c8ccb4b60ee36cb11e3a99a08430c6c41e7bce6fe116d01ba68d004b4e44b0c6a1fc7f74b5bd884738721e5a65bd435a1bcf9d9af6bb8aa1e32c668919f6

    • SSDEEP

      24576:TeHFHwL401iTGy8mnOaK4JcN9CJBU1n++pnK/Y2SawHhA3p4NfWgNYhYgT:TelQL4OiTGnaK4K0BI+c2ehApmeg6hf

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Target

      Imagew 3.60_x64/TBIView64.exe

    • Size

      464KB

    • MD5

      6d18c5b714f0527d65829cb15618453b

    • SHA1

      2058f51f9aa0a1469df9c8cd5203bc0419a2d867

    • SHA256

      b501a8398da1aacecb98698612ca41bf1aaf9e2cf0c41fbcf236cc6c24c3f3b2

    • SHA512

      87334decda45fa65e2880c8d003c2e5a5f3c6d970478cebecd6640844df2b92dbbafb2dd42c3e8b09d95995d25a848562836ee873dea1732b12d8c03d332a1c4

    • SSDEEP

      12288:j4INuYXcIibcZrYijbiKFyf8hwCwuAxCai46Pdh3XXHloqO:MOxWcZJjbiKFyf4wCTt7VDXXHloJ

    • Score

      7/10

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

MITRE ATT&CK Enterprise v15