Overview

overview

8

Static

static

3

b07dadb937...e8.exe

windows7-x64

8

b07dadb937...e8.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    b07dadb9375d3056660bce1fcd415a5387ab95d386e0bda974d810dca266c4e8

  • Size

    10.0MB

  • Sample

    240127-qtlenafacp

  • MD5

    28c671f8f895f52e53c65672e6a2b80a

  • SHA1

    a3c652a67542672cd9684c16310b93dd6151cfe5

  • SHA256

    b07dadb9375d3056660bce1fcd415a5387ab95d386e0bda974d810dca266c4e8

  • SHA512

    6533f1adde341c85fc6587392b2401dc1e7d41956fc7eb197c640c516b2d35c011ea039165a22d405ef2d39d90f94f6f7603b89f100be6a4d6bb5f93fc0ef027

  • SSDEEP

    196608:A+F3/S7gJUmDuwANtUA+NVRDPImrRz2k/IRrhBSSh2WfX7L2bBhj+Jg:A+BxyXp+NVmmrRSk/erSUVfLLAnSJg

Score
8/10
bootkitdiscoverypersistence

Malware Config

Targets

    • Target

      b07dadb9375d3056660bce1fcd415a5387ab95d386e0bda974d810dca266c4e8

    • Size

      10.0MB

    • MD5

      28c671f8f895f52e53c65672e6a2b80a

    • SHA1

      a3c652a67542672cd9684c16310b93dd6151cfe5

    • SHA256

      b07dadb9375d3056660bce1fcd415a5387ab95d386e0bda974d810dca266c4e8

    • SHA512

      6533f1adde341c85fc6587392b2401dc1e7d41956fc7eb197c640c516b2d35c011ea039165a22d405ef2d39d90f94f6f7603b89f100be6a4d6bb5f93fc0ef027

    • SSDEEP

      196608:A+F3/S7gJUmDuwANtUA+NVRDPImrRz2k/IRrhBSSh2WfX7L2bBhj+Jg:A+BxyXp+NVmmrRSk/erSUVfLLAnSJg

    Score
    8/10
    bootkitdiscoverypersistence

    • Downloads MZ/PE file

    • Checks for any installed AV software in registry

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks