Overview

overview

7

Static

static

7

900a8acc75...37.exe

windows7-x64

7

900a8acc75...37.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    900a8acc750dbdc1e8b99e51d76a963fad47564c15da5dae9a08c329b9bba937

  • Size

    7.1MB

  • Sample

    240526-pzdrbsef23

  • MD5

    b4bb979fb3f26bbc396e0c5c55d0df01

  • SHA1

    f69b6395cbba9b75b91125d7ed1b1d1f9364211f

  • SHA256

    900a8acc750dbdc1e8b99e51d76a963fad47564c15da5dae9a08c329b9bba937

  • SHA512

    5f90816aaf8e0a7a91aee2158e9cb5e5805eb302c5f2c7285a2342fd59a5a8ac3d64ef8cb18510257761aa26894ade9d8ce1bdb07e0d9aa1602255fea9a841cb

  • SSDEEP

    196608:xiAgT8Hz65Mm1U1W4qgsQzDdxsWdDeDAApd5:vgIqOA5LatDAl/5

Score
7/10
bootkitpersistenceupx

Malware Config

Targets

    • Target

      900a8acc750dbdc1e8b99e51d76a963fad47564c15da5dae9a08c329b9bba937

    • Size

      7.1MB

    • MD5

      b4bb979fb3f26bbc396e0c5c55d0df01

    • SHA1

      f69b6395cbba9b75b91125d7ed1b1d1f9364211f

    • SHA256

      900a8acc750dbdc1e8b99e51d76a963fad47564c15da5dae9a08c329b9bba937

    • SHA512

      5f90816aaf8e0a7a91aee2158e9cb5e5805eb302c5f2c7285a2342fd59a5a8ac3d64ef8cb18510257761aa26894ade9d8ce1bdb07e0d9aa1602255fea9a841cb

    • SSDEEP

      196608:xiAgT8Hz65Mm1U1W4qgsQzDdxsWdDeDAApd5:vgIqOA5LatDAl/5

    Score
    7/10
    bootkitpersistenceupx

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Privilege Escalation

Defense Evasion

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Subvert Trust Controls

1
T1553

Install Root Certificate

1
T1553.004

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks