Overview

overview

6

Static

static

3

2024-02-25...ba.exe

windows7-x64

2024-02-25...ba.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    2024-02-25_1bfcfdefca02e381eccd18569992a4e0_mbrlock_xiaoba

  • Size

    840KB

  • Sample

    240225-qqj3esce92

  • MD5

    1bfcfdefca02e381eccd18569992a4e0

  • SHA1

    5438474853ec9592b548ce32df63ada952f42c11

  • SHA256

    864893e9596236fa62b0e695ab3cb693979090ff1cfd4ced2c46c4a00f03d753

  • SHA512

    db168c7fe732e111f9114fd8c40a4b8fb94b023856b7d01a23828714c6c81b13705aae47e16e9068db7b28de00170b867cb7665afa3e12b49ac8ae96547fa1b1

  • SSDEEP

    12288:97dZ1kO5TIYFqo5C9/H8Se0NBy4i7sJTZni5Kytoq:97dY2T1FqoCFH8D0u4i7ETZiUytoq

Score
6/10
bootkitpersistence

Malware Config

Targets

    • Target

      2024-02-25_1bfcfdefca02e381eccd18569992a4e0_mbrlock_xiaoba

    • Size

      840KB

    • MD5

      1bfcfdefca02e381eccd18569992a4e0

    • SHA1

      5438474853ec9592b548ce32df63ada952f42c11

    • SHA256

      864893e9596236fa62b0e695ab3cb693979090ff1cfd4ced2c46c4a00f03d753

    • SHA512

      db168c7fe732e111f9114fd8c40a4b8fb94b023856b7d01a23828714c6c81b13705aae47e16e9068db7b28de00170b867cb7665afa3e12b49ac8ae96547fa1b1

    • SSDEEP

      12288:97dZ1kO5TIYFqo5C9/H8Se0NBy4i7sJTZni5Kytoq:97dY2T1FqoCFH8D0u4i7ETZiUytoq

    Score
    6/10
    bootkitpersistence

    • Adds Run key to start application

      persistence

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks