General

  • Target

    9f05907f4f29259a4c2c34497c42067d386c58c2324252d9cdb329433a1bed7d

  • Size

    219KB

  • Sample

    240612-q71fqsxdpa

  • MD5

    6583c54f8a892b8d47eb4c0b59a3b9b9

  • SHA1

    ed49b9fc9ccce8d7ec2c331e19c4c47ad7f6f721

  • SHA256

    9f05907f4f29259a4c2c34497c42067d386c58c2324252d9cdb329433a1bed7d

  • SHA512

    332e6bfb3dcd5e825ab190b214267fab689db7b3fcb3b3d4c63038db2ba41b3f14171f3a9290ed89a94672afb518163bcabd92171719cbcaf6edf5b5ed217daf

  • SSDEEP

    3072:f2RaiKg4xmUh1WXHqw/l+qmOELhakVsm3mxB32tLEv8zfdn5f2dZLCoKOhhlK0Kn:f0KgGwHqwOOELha+sm2D2+UhngNPK4c3

Score
8/10

Targets

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks for any installed AV software in registry

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Matrix (ATT&CK v13)

Persistence

  • Pre-OS Boot (T1542): 1

  • Bootkit (T1542.003): 1

Defense Evasion

  • Pre-OS Boot (T1542): 1

  • Bootkit (T1542.003): 1

  • Subvert Trust Controls (T1553): 1

  • Install Root Certificate (T1553.004): 1

  • Modify Registry (T1112): 1

Discovery

  • Software Discovery (T1518): 1

  • Security Software Discovery (T1518.001): 1

  • Query Registry (T1012): 1

  • System Information Discovery (T1082): 1

Tasks