General

  • Target: 6fc31d442d8e9a708464b8010e2f69a295ece3eaaab3a80a6d1d30c27ef78d84
  • Size: 212KB
  • Sample: 240612-q21vbaxbpf
  • MD5: 6f91a7558437a780c4dcb6b45716597a
  • SHA1: fe5476787309d5d77cb5a9024777af1218704da0
  • SHA256: 6fc31d442d8e9a708464b8010e2f69a295ece3eaaab3a80a6d1d30c27ef78d84
  • SHA512: d014ecf3e0eab2951505e95d4974082d56078fd4607ee8cd8dc687e2d0332aa83e13cbccb8f463723c21eb3582edb79c2cae0faef4a1137f23a0cda5c80355d2
  • SSDEEP: 3072:csmIwp0Lr0cZMHeBw4kQkFAe5sWkn0VEqj+KHy+pDyXtLAcjaK7PuENhVPW0comn:cGwqAHAw49UsWknOEqiJ+AXD7PPW0ddW

Score: 8/10

Malware Config

Targets

    • Target: 6fc31d442d8e9a708464b8010e2f69a295ece3eaaab3a80a6d1d30c27ef78d84
    • Size: 212KB
    • MD5: 6f91a7558437a780c4dcb6b45716597a
    • SHA1: fe5476787309d5d77cb5a9024777af1218704da0
    • SHA256: 6fc31d442d8e9a708464b8010e2f69a295ece3eaaab3a80a6d1d30c27ef78d84
    • SHA512: d014ecf3e0eab2951505e95d4974082d56078fd4607ee8cd8dc687e2d0332aa83e13cbccb8f463723c21eb3582edb79c2cae0faef4a1137f23a0cda5c80355d2
    • SSDEEP: 3072:csmIwp0Lr0cZMHeBw4kQkFAe5sWkn0VEqj+KHy+pDyXtLAcjaK7PuENhVPW0comn:cGwqAHAw49UsWknOEqiJ+AXD7PPW0ddW

    Score: 8/10

    Signatures
    • Downloads MZ/PE file
    • Executes dropped EXE
    • Loads dropped DLL
    • Checks for any installed AV software in registry
    • Writes to the Master Boot Record (MBR)
      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Matrix (ATT&CK v13)

Persistence
  • Pre-OS Boot (T1542): 1
  • Bootkit (T1542.003): 1

Defense Evasion
  • Pre-OS Boot (T1542): 1
  • Bootkit (T1542.003): 1

Discovery
  • Software Discovery (T1518): 1
  • Security Software Discovery (T1518.001): 1
  • Query Registry (T1012): 1
  • System Information Discovery (T1082): 1

Tasks