Overview

overview

7

Static

static

7

44dc0f8b49...0a.exe

windows7-x64

7

44dc0f8b49...0a.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    44dc0f8b4980ebdb4d6f867205950e0a

  • Size

    147KB

  • Sample

    231226-aansnscec9

  • MD5

    44dc0f8b4980ebdb4d6f867205950e0a

  • SHA1

    7dca2f121d00356250c222082531a0d6e3409b4f

  • SHA256

    7bf72ba67e980e55aa503cbc8d5a882538a360670f018936fabff18dc89b967e

  • SHA512

    ae034d0d40fbabbbcd104f348aaadcf0ddf96ccc63eddeeeccbea3904b7e3ed27f3f147a1b7b875ac46818d70e153573d171a9d2f176e380195dace976344ca7

  • SSDEEP

    3072:Vlt3Y0LtbYALdEiO0/bMA+RsdUCyXMlybDttv/uDAcRcBcPJYaf:V3Y0LBYAxL/bMA+udUXgybLv/IPLf

Score
7/10
bootkitpersistenceupx

Malware Config

Targets

    • Target

      44dc0f8b4980ebdb4d6f867205950e0a

    • Size

      147KB

    • MD5

      44dc0f8b4980ebdb4d6f867205950e0a

    • SHA1

      7dca2f121d00356250c222082531a0d6e3409b4f

    • SHA256

      7bf72ba67e980e55aa503cbc8d5a882538a360670f018936fabff18dc89b967e

    • SHA512

      ae034d0d40fbabbbcd104f348aaadcf0ddf96ccc63eddeeeccbea3904b7e3ed27f3f147a1b7b875ac46818d70e153573d171a9d2f176e380195dace976344ca7

    • SSDEEP

      3072:Vlt3Y0LtbYALdEiO0/bMA+RsdUCyXMlybDttv/uDAcRcBcPJYaf:V3Y0LBYAxL/bMA+udUXgybLv/IPLf

    Score
    7/10
    bootkitpersistenceupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks