Overview

overview

8

Static

static

1

kaspersky4...58.exe

windows7-x64

8

kaspersky4...58.exe

windows10-2004-x64

7

kaspersky4...58.exe

ubuntu-18.04-amd64

kaspersky4...58.exe

debian-9-armhf

kaspersky4...58.exe

debian-9-mips

kaspersky4...58.exe

debian-9-mipsel

Sharing

Copy URL
Twitter E-mail

General

  • Target

    kaspersky4win202121.15.8.493ru_45358.exe

  • Size

    4.3MB

  • Sample

    240327-jjk8ksff69

  • MD5

    e417669d808ecc17b45ade36c239a9a4

  • SHA1

    75822e9e1931faee54453080cb2c51898227fdd6

  • SHA256

    add82b8dfec5c20ff71080e7c817d52c60ce3f9ff96307584d46f30e0534df42

  • SHA512

    dc3fe1c8db358342442607e069c6fea81f7a57ac1e9aab2532fce006ad1f94f3ac1733cdacdd502634958e5b31fd349f1e87debbd9693311c2f8abf4e1d21147

  • SSDEEP

    98304:AsRRaG6Kg/Z5k33+4zGsVhmfyYl37AR26UdcGBAfXpoO6s:b6pTkHNqsnwHy2sGBAfXpols

Score
8/10
bootkitevasionlinuxpersistencetrojan

Malware Config

Targets

    • Target

      kaspersky4win202121.15.8.493ru_45358.exe

    • Size

      4.3MB

    • MD5

      e417669d808ecc17b45ade36c239a9a4

    • SHA1

      75822e9e1931faee54453080cb2c51898227fdd6

    • SHA256

      add82b8dfec5c20ff71080e7c817d52c60ce3f9ff96307584d46f30e0534df42

    • SHA512

      dc3fe1c8db358342442607e069c6fea81f7a57ac1e9aab2532fce006ad1f94f3ac1733cdacdd502634958e5b31fd349f1e87debbd9693311c2f8abf4e1d21147

    • SSDEEP

      98304:AsRRaG6Kg/Z5k33+4zGsVhmfyYl37AR26UdcGBAfXpoO6s:b6pTkHNqsnwHy2sGBAfXpols

    Score
    8/10
    evasiontrojanbootkitpersistence

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks whether UAC is enabled

      evasiontrojan

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2behavioral3behavioral4behavioral5behavioral6

MITRE ATT&CK Enterprise v15

Tasks