Overview

overview

6

Static

static

3

769b79ee07...08.exe

windows7-x64

6

769b79ee07...08.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    769b79ee078681a80bcfa323f35dd108

  • Size

    272KB

  • Sample

    240126-g2bezshafp

  • MD5

    769b79ee078681a80bcfa323f35dd108

  • SHA1

    830a3726e917a9195c5af42e0a9230298ab9cb9a

  • SHA256

    d4ebba085102f4d331a5612cd9d2decac8798b1f79f1988c2580f1aa97d7e88f

  • SHA512

    fce5efb2e90a8f786afca8e335ecfa97ed4d57b32d97bd93a4c8eb92327a67b29d8028b3f0ca78422cf5c5d5f77dfa2c5a5b90e6b9f09311fb8a562716e9a123

  • SSDEEP

    6144:J3IldTOAS5sp7vXX9moHgwbuvOh0ECuOzD37777777777:J3g7vXX61v6n7OP7777777777

Score
6/10
bootkitpersistence

Malware Config

Targets

    • Target

      769b79ee078681a80bcfa323f35dd108

    • Size

      272KB

    • MD5

      769b79ee078681a80bcfa323f35dd108

    • SHA1

      830a3726e917a9195c5af42e0a9230298ab9cb9a

    • SHA256

      d4ebba085102f4d331a5612cd9d2decac8798b1f79f1988c2580f1aa97d7e88f

    • SHA512

      fce5efb2e90a8f786afca8e335ecfa97ed4d57b32d97bd93a4c8eb92327a67b29d8028b3f0ca78422cf5c5d5f77dfa2c5a5b90e6b9f09311fb8a562716e9a123

    • SSDEEP

      6144:J3IldTOAS5sp7vXX9moHgwbuvOh0ECuOzD37777777777:J3g7vXX61v6n7OP7777777777

    Score
    6/10
    bootkitpersistence

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Privilege Escalation

Defense Evasion

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks