General

  • Target

    75180f8b9b6b3e79a9ef09a9fba5c4b7125ac8e1c9994d41430cbd9fcad8264d

  • Size

    7.1MB

  • Sample

    240526-lh1b8adg3v

  • MD5

    4bf2e67583e9436eb0281657f8c512d6

  • SHA1

    d4b95b0237bbea566599a08871780f0876840137

  • SHA256

    75180f8b9b6b3e79a9ef09a9fba5c4b7125ac8e1c9994d41430cbd9fcad8264d

  • SHA512

    0514e851fde655d686ed73e8c9776713550abece4a592f0c8ecfb5d8b0fea46f4005856fbaadf752eaf94974b3cf090760f6b159e953d4b654ebe4ccd61d0d4e

  • SSDEEP

    98304:EbGkSM3n+WYFSLUhjquhPf6anUQRRLu6C+YTF3q9SzNx06evtwL485wFal6MaB:YGKn5ovhjLFSan1ugYXNYOLZN8B

Malware Config

Targets

    • Target

      75180f8b9b6b3e79a9ef09a9fba5c4b7125ac8e1c9994d41430cbd9fcad8264d

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
