General

  • Target

    de5131f840078a99bb9f75891a55a1db3533dd9763ca991fc97ff3498b81a082

  • Size

    219KB

  • Sample

    240612-jnt2aavelq

  • MD5

    8a014c4487b0c2672802723efa1ee36a

  • SHA1

    2f11035f40ac2e7d4bdf960911e3a1c14625c2b3

  • SHA256

    de5131f840078a99bb9f75891a55a1db3533dd9763ca991fc97ff3498b81a082

  • SHA512

    cb60b0e143fc6971a263b968201626832d16f00cf7fa7010cbb59071204db438e9512bfcd0b1d89f0b2bc4208e2b0bc7e28a0c2856101ec3db70f6c99fd657b2

  • SSDEEP

    3072:J2RaiKg4xmUh1WXHqw/l+qmOELhakVsm3mxB32tLEv8zfdn5f2dZLCoKOhhYK0Ko:J0KgGwHqwOOELha+sm2D2+UhngNeK4fp

Score
8/10

Malware Config

Targets

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks for any installed AV software in registry

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Matrix (ATT&CK v13)

  • Persistence

      Pre-OS Boot (T1542): 1
      Bootkit (T1542.003): 1

  • Defense Evasion

      Pre-OS Boot (T1542): 1
      Bootkit (T1542.003): 1

  • Discovery

      Software Discovery (T1518): 1
      Security Software Discovery (T1518.001): 1
      Query Registry (T1012): 1
      System Information Discovery (T1082): 1

Tasks