General

  • Target

    cecfdb6e63c1655d1fea5a89ed6e63fd1281848f30fe0d4b9999073910121067

  • Size

    219KB

  • Sample

    240612-lsyalszfjc

  • MD5

    f40dfdc9aa038c4422a7a69aa4623392

  • SHA1

    a1b4393a6c1edf06b42c40d5d1fc7e551d4a4bfa

  • SHA256

    cecfdb6e63c1655d1fea5a89ed6e63fd1281848f30fe0d4b9999073910121067

  • SHA512

    0c7a892fccc26721d7557a071a15b67fd8c956c5da829aaf6128ad47c4b40a6e13e0ff843c77901e5e45f3ccab62ce9fcf57fa31809dba3786dbf1daa2866acf

  • SSDEEP

    3072:C2RaiKg4xmUh1WXHqw/l+qmOELhakVsm3mxB32tLEv8zfdn5f2dZLCoKOhh9K0KX:C0KgGwHqwOOELha+sm2D2+UhngNHK4J0

Score
8/10

Malware Config

Targets

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks for any installed AV software in registry

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Matrix (ATT&CK v13)

  Tactic           Technique                      Count  ID
  Persistence      Pre-OS Boot                    1      T1542
  Persistence      Bootkit                        1      T1542.003
  Defense Evasion  Pre-OS Boot                    1      T1542
  Defense Evasion  Bootkit                        1      T1542.003
  Defense Evasion  Subvert Trust Controls         1      T1553
  Defense Evasion  Install Root Certificate       1      T1553.004
  Defense Evasion  Modify Registry                1      T1112
  Discovery        Software Discovery             1      T1518
  Discovery        Security Software Discovery    1      T1518.001
  Discovery        Query Registry                 1      T1012
  Discovery        System Information Discovery   1      T1082

Tasks