General
-
Target
avast_one_free_antivirus.exe
-
Size
265KB
-
Sample
240303-ahj5fsba67
-
MD5
eb2fc9439bb34e4e934759e9f6cbaacd
-
SHA1
55604d53cb288fbddcd276930c80c917ca1441d9
-
SHA256
d515af7b4dc679779660ffdee6c1ce9e68d95fb4dad5494568985a160592f593
-
SHA512
687b2bffa1a937d06408b718e520df552d69cf1a5db276290f836ca9114cf2e8b9566435ee2cd55084019e3582fe24ee300c6135e360ff0833fa37d5764c4b2d
-
SSDEEP
3072:iX5bx/ZvAtc0Udi+EhwPAD0JJa+tS5bRZnShxB6xY5LzqUC+8kz5m5pohjhEPn+b:iBxL0HwPXtShRZSExgQDsU6
Static task
static1
Behavioral task
behavioral1
Sample
avast_one_free_antivirus.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
avast_one_free_antivirus.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
avast_one_free_antivirus.exe
-
Score
6/10
-
Adds Run key to start application
-
Checks for any installed AV software in registry
-
Downloads MZ/PE file
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Pre-OS Boot: 1
Bootkit: 1
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Defense Evasion
Modify Registry: 2
Pre-OS Boot: 1
Bootkit: 1
Subvert Trust Controls: 1
Install Root Certificate: 1