d72a94fa33bcf318a05efa8b0caf54b2f349e6774d8bca3327f0c62ed35f3175 | Triage

Submit
Reports

Overview

overview

7

Static

static

7

0db97c6bdb...2c.exe

windows7-x64

7

0db97c6bdb...2c.exe

windows10-2004-x64

7

Sharing

General

Target

0db97c6bdb487253fd3ec29bee586a2c
Size

328KB
Sample

231230-eksltsgfal
MD5

0db97c6bdb487253fd3ec29bee586a2c
SHA1

1497ed3aa824205afb2c4268cff9368f8c0d972e
SHA256

d72a94fa33bcf318a05efa8b0caf54b2f349e6774d8bca3327f0c62ed35f3175
SHA512

559e27c5ab0eca1c255da41d4d4453c8eee3469817bc80f37ae5c7db71e0bf91f7247a48ff6c489c7bae26388a2e416f433b109cbd4a396da9570cc854e2c749
SSDEEP

6144:RePJYhcvhLxotp++sCTHUIKz3JWGYBjWo84y7KtM8rYKce0lmX30FTBS:RePJYIh9of++skOYBjDhAKWLCX30NBS

Score

7^/10

bootkit persistence upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

0db97c6bdb487253fd3ec29bee586a2c.exe

Resource

win7-20231215-en

bootkit persistence upx

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

0db97c6bdb487253fd3ec29bee586a2c.exe

Resource

win10v2004-20231215-en

bootkit persistence upx

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  0db97c6bdb487253fd3ec29bee586a2c
- Size
  
  328KB
- MD5
  
  0db97c6bdb487253fd3ec29bee586a2c
- SHA1
  
  1497ed3aa824205afb2c4268cff9368f8c0d972e
- SHA256
  
  d72a94fa33bcf318a05efa8b0caf54b2f349e6774d8bca3327f0c62ed35f3175
- SHA512
  
  559e27c5ab0eca1c255da41d4d4453c8eee3469817bc80f37ae5c7db71e0bf91f7247a48ff6c489c7bae26388a2e416f433b109cbd4a396da9570cc854e2c749
- SSDEEP
  
  6144:RePJYhcvhLxotp++sCTHUIKz3JWGYBjWo84y7KtM8rYKce0lmX30FTBS:RePJYIh9of++skOYBjDhAKWLCX30NBS
Score

7^/10

bootkit persistence upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Pre-OS Boot

Bootkit

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistenceupx

behavioral2

bootkitpersistenceupx

© 2018-2025

Terms | Privacy