General

  • Target

    4cb96aaf3aacba27e2bac5273270d3df5e651232891f424eafc03ffbfda1d350

  • Size

    1.5MB

  • Sample

    240428-h287paah6v

  • MD5

    ac2a422cc3bad3118bea0266a8fa0129

  • SHA1

    28ad50792975fecbb77202cfb3636e766c811a9f

  • SHA256

    4cb96aaf3aacba27e2bac5273270d3df5e651232891f424eafc03ffbfda1d350

  • SHA512

    67439e008733048f71f6b1bf6eac5469272a0377f8c6ec7349720114917a54136d47b9988e6d4e04e5c4cda5251ebd2aabeda1ae135991e705e438641beb3fa1

  • SSDEEP

    24576:Ioh3aS/tIUh102NhHF5Qk7t1T+5kKUY9lgtfifmyWTTnLNvvNAYWL6WTHUXLL9nH:IIX02NJFX7tR+Okl6fiFOLrAfFDQ9ns6

Targets

    • Target

      4cb96aaf3aacba27e2bac5273270d3df5e651232891f424eafc03ffbfda1d350

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • UPX packed file

      Detects executables packed with the UPX or a modified UPX open-source packer.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.