2f7ab80f4166b10cdf2ba89949c2f35703f9adc7f07175c5e111c86bfb2843e5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6809f5217ec5d62c7efc977c8ae65835
Size

911KB
Sample

240119-tel97ahcam
MD5

6809f5217ec5d62c7efc977c8ae65835
SHA1

b757542dfdd6354c7f68600e213242f9788b41b2
SHA256

2f7ab80f4166b10cdf2ba89949c2f35703f9adc7f07175c5e111c86bfb2843e5
SHA512

3e418c814d6ee9c5f2a5af508ec6efe01ca1df978f21392f6fbb884ba37969246f5b475e0255a106639894d135215afb821e653df45c93006ca1f7daefb0b598
SSDEEP

12288:QJrUmY9ew9sHadryhrOe12ruFtqOrkkoOghihuCPcSUzKzbUwzSSkUBWAMuUwi8A:QuH9vOHadr8CUmOpuCkS44UWSu/Ltkl

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  mcuelf-v1.3.exe
- Size
  
  921KB
- MD5
  
  923b3c63dea2add4f197793f42ad290d
- SHA1
  
  12fea289bce71c7c45d0eb88f32ad308fa4562d0
- SHA256
  
  aa87484d37bd1cda3ed228facf13947c71cdf959ff21faea4a394e4f91720725
- SHA512
  
  d1b825b4b973564308068bc26cf5b94313536d7d15f3d6fec2a55443c7f80ace845572fea84f4638c807b1e45757d5e5527dd4fa52debcbcf583029d1206fac4
- SSDEEP
  
  12288:QZG2u7J09WZVOk3m6iBagwNQiCXH8tG6zj+Ugs5JR7IIc7aTKPqEKvlY3B2fouC/:QiNZUSmTMj+iEcG6zCs5z3cnHpMfG
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Drops file in System32 directory
behavioral1 behavioral2
- Target
  
  新云软件.url
- Size
  
  133B
- MD5
  
  4f0017b3b346bd0626f0c3b915e6e734
- SHA1
  
  823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92
- SHA256
  
  df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678
- SHA512
  
  0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence

behavioral3

behavioral4