Overview

overview

7

Static

static

1

.html

windows7-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    .

  • Size

    19KB

  • Sample

    240526-pb7z9sbh42

  • MD5

    ee1b1775f234685d07ea7ac8d41bd0a7

  • SHA1

    9aa364fdae93b5fc3a44d2a9faa8b664b590f1c0

  • SHA256

    7b016c561e795a7aae232046d10af5b79fbf222f1e2c9bd61b0537ddf0730782

  • SHA512

    37a70fc197035ecf96a4611d61d513b72f327d9d2c43a10185684970cb94655983cb94c272e62cc1d6da1f78207f357d46545489b6c1d174acfc7fe4daec45db

  • SSDEEP

    384:r+I0PDpmReVoOs4yi9ylKeGMKU8Hhhbqiy7Bo2paWhOwob0O+bIJCgMmV6:r+zBVoOs4ymyI1MgBhbVUAWhOwob0oJO

Score
7/10
bootkitexecutionpersistence

Malware Config

Targets

    • Target

      .

    • Size

      19KB

    • MD5

      ee1b1775f234685d07ea7ac8d41bd0a7

    • SHA1

      9aa364fdae93b5fc3a44d2a9faa8b664b590f1c0

    • SHA256

      7b016c561e795a7aae232046d10af5b79fbf222f1e2c9bd61b0537ddf0730782

    • SHA512

      37a70fc197035ecf96a4611d61d513b72f327d9d2c43a10185684970cb94655983cb94c272e62cc1d6da1f78207f357d46545489b6c1d174acfc7fe4daec45db

    • SSDEEP

      384:r+I0PDpmReVoOs4yi9ylKeGMKU8Hhhbqiy7Bo2paWhOwob0O+bIJCgMmV6:r+zBVoOs4ymyI1MgBhbVUAWhOwob0oJO

    Score
    7/10
    bootkitexecutionpersistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence

    • Drops file in System32 directory

    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

1
T1059

JavaScript

1
T1059.007

Persistence

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Privilege Escalation

Defense Evasion

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Modify Registry

2
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks