Overview

overview

7

Static

static

7

0816df3647...a8.exe

windows7-x64

7

0816df3647...a8.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    0816df36471d6edc69c92f70415c3ea8

  • Size

    241KB

  • Sample

    231225-f7cpkagec4

  • MD5

    0816df36471d6edc69c92f70415c3ea8

  • SHA1

    1b38ad30389c3c8f4c5b388785e1d89572215088

  • SHA256

    ed66b6bfb9c22a560c86c72d0e7e5a9f46200f5ee046f2220f2b7c18f453fa1b

  • SHA512

    bb20f590e0d289744d856ab04a7083f6d5e6f2d081520f19edff8da65fce5de69f24101e947723b775923e00822579018e6070c1b0ebb4b17d9198659689e2a1

  • SSDEEP

    6144:MkeENDvTSn2SV/GuhYdViC7X57+nM4QyBoQHo:MNEND/k/GLPX57+n7nzo

Score
7/10
bootkitpersistenceupx

Malware Config

Targets

    • Target

      0816df36471d6edc69c92f70415c3ea8

    • Size

      241KB

    • MD5

      0816df36471d6edc69c92f70415c3ea8

    • SHA1

      1b38ad30389c3c8f4c5b388785e1d89572215088

    • SHA256

      ed66b6bfb9c22a560c86c72d0e7e5a9f46200f5ee046f2220f2b7c18f453fa1b

    • SHA512

      bb20f590e0d289744d856ab04a7083f6d5e6f2d081520f19edff8da65fce5de69f24101e947723b775923e00822579018e6070c1b0ebb4b17d9198659689e2a1

    • SSDEEP

      6144:MkeENDvTSn2SV/GuhYdViC7X57+nM4QyBoQHo:MNEND/k/GLPX57+n7nzo

    Score
    7/10
    bootkitpersistenceupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks