Overview

overview

7

Static

static

7

56ab0a7fc0...0e.exe

windows7-x64

7

56ab0a7fc0...0e.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    56ab0a7fc00da6e7ee526c16235eb90e

  • Size

    200KB

  • Sample

    240112-rfmagahdcl

  • MD5

    56ab0a7fc00da6e7ee526c16235eb90e

  • SHA1

    102267931fd71b4c538e9d825db51b2a29262ffd

  • SHA256

    e5804872d49c942d1c3eefe4104d348033afc36c53664622d05bed0eeee14b1a

  • SHA512

    bc3171f0d156e8e615e821a77869f191fa13e326fd76f72ba2352de2599ad42eae986bf0c6977f320bde25210bd21b6875468312d035d947563680e27a425a56

  • SSDEEP

    6144:C7oBtDkJ3abnk6cV+EwmAoBNcX2NOkpwCi21gRQnfRVO4CXmlR:C78AqbaVcmAo7cGNpwCi+eQZE45v

Score
7/10
bootkitpersistenceupx

Malware Config

Targets

    • Target

      56ab0a7fc00da6e7ee526c16235eb90e

    • Size

      200KB

    • MD5

      56ab0a7fc00da6e7ee526c16235eb90e

    • SHA1

      102267931fd71b4c538e9d825db51b2a29262ffd

    • SHA256

      e5804872d49c942d1c3eefe4104d348033afc36c53664622d05bed0eeee14b1a

    • SHA512

      bc3171f0d156e8e615e821a77869f191fa13e326fd76f72ba2352de2599ad42eae986bf0c6977f320bde25210bd21b6875468312d035d947563680e27a425a56

    • SSDEEP

      6144:C7oBtDkJ3abnk6cV+EwmAoBNcX2NOkpwCi21gRQnfRVO4CXmlR:C78AqbaVcmAo7cGNpwCi+eQZE45v

    Score
    7/10
    bootkitpersistenceupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks