General

  • Target

    3aaf295d0fbce32e6b443fe07575cd11188741f7e79eb0f8e0ec393805f5b6ae

  • Size

    14.8MB

  • Sample

    240309-jypjjsea82

  • MD5

    683884ad956569a800b407403d811f18

  • SHA1

    adb23ebbab5d6ec1cb676ca404f2e81d04946bd8

  • SHA256

    3aaf295d0fbce32e6b443fe07575cd11188741f7e79eb0f8e0ec393805f5b6ae

  • SHA512

    9a07d22f59c73116d7e32b2fbede09d0b29853da4943aeff4a4ffdb927996435517ab2225a0d3f404e86ac546483dac358fbc90ca69df0542bdbfcbac9cae2e0

  • SSDEEP

    196608:clAgWe8mDn8u8NSHdoH8W3vABvoPz1pdwjIPhswj18JV:sArxEBW3Y5oPz1fnh2

Targets

    • Target

      3aaf295d0fbce32e6b443fe07575cd11188741f7e79eb0f8e0ec393805f5b6ae

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Drops file in System32 directory
