Overview

overview

7

Static

static

3

e6a1524845...3d.exe

windows7-x64

7

e6a1524845...3d.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    e6a1524845fb2400f28de9530e6ed51af56c4346e197fe1784a497d665f0ff3d

  • Size

    3.2MB

  • Sample

    240309-h3hfcsdg95

  • MD5

    2ba9fb172e0ee053b04029f8a9d74b75

  • SHA1

    cccf365b9d1fa9561c51c9d603ed4b08b25a0c09

  • SHA256

    e6a1524845fb2400f28de9530e6ed51af56c4346e197fe1784a497d665f0ff3d

  • SHA512

    eadbec2f28d9fa21f994695fa86afa766dbc6c3b0c2dbbd1a2335b3478cbabba976332f50756af4bd7d56281cf4adf1f643b18f90e25402651a295c31f515b2d

  • SSDEEP

    98304:PgmPNJykxy8so6/O2PHyVpooHGL4ygj3vAs6:PgWa8NSHdoH8W3vA

Score
7/10
bootkitpersistenceupx

Malware Config

Targets

    • Target

      e6a1524845fb2400f28de9530e6ed51af56c4346e197fe1784a497d665f0ff3d

    • Size

      3.2MB

    • MD5

      2ba9fb172e0ee053b04029f8a9d74b75

    • SHA1

      cccf365b9d1fa9561c51c9d603ed4b08b25a0c09

    • SHA256

      e6a1524845fb2400f28de9530e6ed51af56c4346e197fe1784a497d665f0ff3d

    • SHA512

      eadbec2f28d9fa21f994695fa86afa766dbc6c3b0c2dbbd1a2335b3478cbabba976332f50756af4bd7d56281cf4adf1f643b18f90e25402651a295c31f515b2d

    • SSDEEP

      98304:PgmPNJykxy8so6/O2PHyVpooHGL4ygj3vAs6:PgWa8NSHdoH8W3vA

    Score
    7/10
    bootkitpersistenceupx

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks