8f19393af0bbb493af56a36745843776eb01a56da1184e989e1d8ae807a863dd | Triage

Submit
Reports

Overview

overview

7

Static

static

7

adb5fc416c...5c.exe

windows7-x64

7

adb5fc416c...5c.exe

windows10-2004-x64

7

Sharing

General

Target

adb5fc416cc99c05fd439515cfe23f5c
Size

223KB
Sample

240229-e8xkpade64
MD5

adb5fc416cc99c05fd439515cfe23f5c
SHA1

43371242ff4781ff2f53841c7d3e25d3140b0287
SHA256

8f19393af0bbb493af56a36745843776eb01a56da1184e989e1d8ae807a863dd
SHA512

191d275ec9d468e3fc7304891273cc35b3e175e62743e2658ecd57943fd80e39f7d7c93d0c94aa29f86e5aa59e3725b4dc62461840d4c480b277e7938f6aa011
SSDEEP

3072:qrZwnwS8XSu+m2P+UfVwUMdo/b79pBb4+U7aIw5vyRirwtox0nje/16DZCJEVQ:q1wGSu+J+Uabdo/btq7aIS/wRZCJEVQ

Score

7^/10

bootkit persistence upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

adb5fc416cc99c05fd439515cfe23f5c.exe

Resource

win7-20240220-en

bootkit persistence upx

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

adb5fc416cc99c05fd439515cfe23f5c.exe

Resource

win10v2004-20240226-en

bootkit persistence upx

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  adb5fc416cc99c05fd439515cfe23f5c
- Size
  
  223KB
- MD5
  
  adb5fc416cc99c05fd439515cfe23f5c
- SHA1
  
  43371242ff4781ff2f53841c7d3e25d3140b0287
- SHA256
  
  8f19393af0bbb493af56a36745843776eb01a56da1184e989e1d8ae807a863dd
- SHA512
  
  191d275ec9d468e3fc7304891273cc35b3e175e62743e2658ecd57943fd80e39f7d7c93d0c94aa29f86e5aa59e3725b4dc62461840d4c480b277e7938f6aa011
- SSDEEP
  
  3072:qrZwnwS8XSu+m2P+UfVwUMdo/b79pBb4+U7aIw5vyRirwtox0nje/16DZCJEVQ:q1wGSu+J+Uabdo/btq7aIS/wRZCJEVQ
Score

7^/10

bootkit persistence upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Pre-OS Boot

Bootkit

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistenceupx

behavioral2

bootkitpersistenceupx

© 2018-2025

Terms | Privacy