Resubmissions

28-05-2024 22:16

240528-16ykvsef6s 3

28-05-2024 22:05

240528-1zkenaec3w 7

28-05-2024 22:02

240528-1xx8qsfc97 3

25-05-2024 20:18

240525-y3p37she32 7

General

  • Target

    Screenshot_3.png

  • Size

    414KB

  • Sample

    240528-1zkenaec3w

  • MD5

    f6864d39259b8ea2551b9f8af3ac8028

  • SHA1

    c56cbeef7c62e9effac8b957d8f2c955f2556d21

  • SHA256

    ec89d73a26dcde00d82a902fb30ad148ff9425d90a984c2d5805e89d65e739a8

  • SHA512

    1d5dc29abf6c15775625edfb5c5229c52fb5e6b720b34c6ade899babc3c8dcd141d91588e7d3ce99364f58265a5eb8ed6c565ecfa1e5c4c70f47f07e16df2fda

  • SSDEEP

    6144:m8TZ9LMRdSv09/VhzgaBmtlmMEE0hd+XMSLfEPSpwmUE1sAIcttTKdAuJOJH1V+q:DTvLhUX4tD0GMSLcPSz5ZKSuJONn20I2

Malware Config

Targets

    • Target

      Screenshot_3.png

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Legitimate hosting services abused for malware hosting/C2

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks