General

  • Target

    51da666de0302e6c139752d5f53ef0f69e654f6602226e62d806b950d0d04d88

  • Size

    219KB

  • Sample

    240612-kphkbawfnr

  • MD5

    b57df8af10bec913b40ebe2b5dc6165c

  • SHA1

    72cec94e3867d54c6b62725f511c1cbfc6b65001

  • SHA256

    51da666de0302e6c139752d5f53ef0f69e654f6602226e62d806b950d0d04d88

  • SHA512

    52e0b22aeb77df7c6ebeb423742aa0e9a016a33c89645043eb57cfaa304fb1e46cc76b4b177c2123dbf9e5435f3f23277c1bc8d636ab1f00f1c83a41e5f1ad79

  • SSDEEP

    3072:Q2RaiKg4xmUh1WXHqw/l+qmOELhakVsm3mxB32tLEv8zfdn5f2dZLCoKOhhZK0KX:Q0KgGwHqwOOELha+sm2D2+UhngN7K4N4

Score
8/10

Malware Config

Targets

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks for any installed AV software in registry

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Matrix (ATT&CK v13)

Persistence

  • Pre-OS Boot (T1542): 1
    • Bootkit (T1542.003): 1

Defense Evasion

  • Pre-OS Boot (T1542): 1
    • Bootkit (T1542.003): 1
  • Subvert Trust Controls (T1553): 1
    • Install Root Certificate (T1553.004): 1
  • Modify Registry (T1112): 1

Discovery

  • Software Discovery (T1518): 1
    • Security Software Discovery (T1518.001): 1
  • Query Registry (T1012): 2
  • System Information Discovery (T1082): 1

Tasks