General

  • Target

    f0e64826ffdc43bd3c961c86511c6588cc1d204a7390ed67739815444c1d1646

  • Size

    212KB

  • Sample

    240612-q2l16a1app

  • MD5

    93bbaa5d4186be39578a33dddb384bc5

  • SHA1

    5d24436b268152b5b1bdc7490c2cd6cc08cd7d49

  • SHA256

    f0e64826ffdc43bd3c961c86511c6588cc1d204a7390ed67739815444c1d1646

  • SHA512

    2b19f0204682485609f3220f967187c378e61667947a365e14193312e9fa13c645108909ce0a1cf7840ba744d1bfff9fbf8399a2504cebb601833e5674b8a353

  • SSDEEP

    3072:zsmIwp0Lr0cZMHeBw4kQkFAe5sWkn0VEqj+KHy+pDyXtLAcjaK7PuENhVPW0coBc:zGwqAHAw49UsWknOEqiJ+AXD7PPW0Md5

Score
8/10

Targets

    • Target

      f0e64826ffdc43bd3c961c86511c6588cc1d204a7390ed67739815444c1d1646

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks for any installed AV software in registry

    • Writes to the Master Boot Record (MBR)

      Bootkits overwrite the MBR so their code runs before the operating system loads, giving them persistence at a level below the OS and its security software.
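The MBR-write behaviour flagged above is the one that survives a reinstall of security software, so the practical follow-up check on a suspect host or disk image is to read sector 0 and compare the boot-code region against a known-good baseline. The following is an added example, not part of this report and not code from the sample: it parses the 512-byte MBR layout (446 bytes of boot code, four 16-byte partition entries, the 0x55AA signature) and reports findings. The device paths in the comments and the constructed clean and tampered MBR images are assumptions for illustration only.

```python
"""Added example (not part of the sandbox report): parse a 512-byte MBR and
check its boot code against a known-good baseline to spot bootkit tampering.

On a live host, sector 0 is read from the raw device (for example
\\\\.\\PhysicalDrive0 on Windows or /dev/sda on Linux, both assumed paths);
on a forensic image it is simply the first 512 bytes of the file.
"""
import hashlib
import struct
from dataclasses import dataclass
from typing import List

MBR_SIZE = 512
BOOT_CODE_SIZE = 446            # bytes 0..445 hold the boot loader code
PARTITION_TABLE_OFFSET = 446    # four 16-byte entries follow the boot code
PARTITION_ENTRY_SIZE = 16
SIGNATURE_OFFSET = 510
BOOT_SIGNATURE = b"\x55\xAA"    # little-endian 0xAA55 marks a bootable record


@dataclass
class PartitionEntry:
    bootable: bool      # status byte 0x80 = active partition
    type_id: int        # e.g. 0x07 NTFS/exFAT, 0x83 Linux, 0xEE protective GPT
    lba_start: int
    sector_count: int


@dataclass
class MbrInfo:
    boot_code_sha256: str
    partitions: List[PartitionEntry]
    signature_ok: bool


def parse_mbr(sector: bytes) -> MbrInfo:
    """Split a 512-byte sector into boot code, partition table and signature."""
    if len(sector) < MBR_SIZE:
        raise ValueError(f"need {MBR_SIZE} bytes, got {len(sector)}")
    boot_code = sector[:BOOT_CODE_SIZE]
    partitions = []
    for i in range(4):
        off = PARTITION_TABLE_OFFSET + i * PARTITION_ENTRY_SIZE
        entry = sector[off:off + PARTITION_ENTRY_SIZE]
        # status, CHS start (3 bytes), type, CHS end (3 bytes), LBA start, sector count
        status, _chs_start, ptype, _chs_end, lba, count = struct.unpack("<B3sB3sII", entry)
        if ptype == 0:          # empty slot
            continue
        partitions.append(PartitionEntry(status == 0x80, ptype, lba, count))
    signature_ok = sector[SIGNATURE_OFFSET:SIGNATURE_OFFSET + 2] == BOOT_SIGNATURE
    return MbrInfo(hashlib.sha256(boot_code).hexdigest(), partitions, signature_ok)


def check_mbr(sector: bytes, baseline_sha256: str) -> List[str]:
    """Return findings; an empty list means the MBR matches the clean baseline."""
    info = parse_mbr(sector)
    findings = []
    if not info.signature_ok:
        findings.append("boot signature 0x55AA missing: not a valid MBR")
    if info.boot_code_sha256 != baseline_sha256:
        findings.append("boot code differs from baseline: possible bootkit")
    if sum(1 for p in info.partitions if p.bootable) > 1:
        findings.append("more than one active partition")
    return findings


def read_sector0(device_path: str) -> bytes:
    """Read the first sector from a raw device or disk image (path is an assumption)."""
    with open(device_path, "rb") as f:
        return f.read(MBR_SIZE)


def build_sample_mbr(boot_code: bytes) -> bytes:
    """Constructed test image: given boot code plus one active NTFS partition."""
    if len(boot_code) > BOOT_CODE_SIZE:
        raise ValueError("boot code too long")
    sector = bytearray(MBR_SIZE)
    sector[:len(boot_code)] = boot_code
    entry = struct.pack("<B3sB3sII", 0x80, b"\x00\x00\x00", 0x07, b"\x00\x00\x00", 2048, 1_000_000)
    sector[PARTITION_TABLE_OFFSET:PARTITION_TABLE_OFFSET + PARTITION_ENTRY_SIZE] = entry
    sector[SIGNATURE_OFFSET:] = BOOT_SIGNATURE
    return bytes(sector)


# Constructed stand-ins: a short boot prologue (cli; xor ax,ax; mov ss,ax; mov sp,0x7C00)
# and the same code with its first instruction replaced by a jump, as a bootkit would do.
CLEAN_BOOT_CODE = b"\xfa\x33\xc0\x8e\xd0\xbc\x00\x7c"
TAMPERED_BOOT_CODE = b"\xeb\x3c" + CLEAN_BOOT_CODE[2:]

CLEAN_MBR = build_sample_mbr(CLEAN_BOOT_CODE)
TAMPERED_MBR = build_sample_mbr(TAMPERED_BOOT_CODE)
CLEAN_BASELINE = parse_mbr(CLEAN_MBR).boot_code_sha256   # captured from a known-good system

if __name__ == "__main__":
    for name, image in (("clean", CLEAN_MBR), ("tampered", TAMPERED_MBR)):
        print(name, check_mbr(image, CLEAN_BASELINE) or ["ok"])
```

Capture the baseline hash from a freshly installed machine of the same image, and recheck it after any incident that shows this signature; on a GPT disk the protective MBR (type 0xEE) still carries boot code that a bootkit can replace, so the same comparison applies.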

MITRE ATT&CK Matrix (ATT&CK v13)

Tactic / Technique (ID): count

  • Persistence
    Pre-OS Boot (T1542): 1
      Bootkit (T1542.003): 1

  • Defense Evasion
    Pre-OS Boot (T1542): 1
      Bootkit (T1542.003): 1
    Subvert Trust Controls (T1553): 1
      Install Root Certificate (T1553.004): 1
    Modify Registry (T1112): 1

  • Discovery
    Software Discovery (T1518): 1
      Security Software Discovery (T1518.001): 1
    Query Registry (T1012): 1
    System Information Discovery (T1082): 1
