General

  • Target

    1875d8ba23994c5572d3a2f17bc06a87c0dd54d2df2ac2888d5333715b683d70

  • Size

    219KB

  • Sample

    240612-jtpzhsverf

  • MD5

    d5a43799e551e4f142f9c46803dbe48b

  • SHA1

    1e796e7fa5bef631dcb7b2f83c31b24655b7b164

  • SHA256

    1875d8ba23994c5572d3a2f17bc06a87c0dd54d2df2ac2888d5333715b683d70

  • SHA512

    0416b91f674cd691e694b1175735431b988ba766329c2d99cc84d7792270a6b80e36bd0916e8d948b3a55328c4d878785dd433ed7a723e681dcbc6a0be7d492f

  • SSDEEP

    3072:22RaiKg4xmUh1WXHqw/l+qmOELhakVsm3mxB32tLEv8zfdn5f2dZLCoKOhh9K0KK:20KgGwHqwOOELha+sm2D2+UhngNHK41F

Score
8/10

Malware Config

Targets

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks for any installed AV software in registry

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Matrix (ATT&CK v13)

Persistence

  • T1542 Pre-OS Boot: 1
  • T1542.003 Bootkit: 1

Defense Evasion

  • T1542 Pre-OS Boot: 1
  • T1542.003 Bootkit: 1
  • T1553 Subvert Trust Controls: 1
  • T1553.004 Install Root Certificate: 1
  • T1112 Modify Registry: 1

Discovery

  • T1518 Software Discovery: 1
  • T1518.001 Security Software Discovery: 1
  • T1012 Query Registry: 1
  • T1082 System Information Discovery: 1

Tasks