General

  • Target: 3deff0d64f079cdaee1cdc699f670caeca5d2fb1260cde24c54993e50abf2b1e
  • Size: 219KB
  • Sample: 240612-s1784stgkr
  • MD5: f59c263f68f10f5574dd5cece8786e78
  • SHA1: da0487c10bca7ff27f65610c37c5966698b0fc46
  • SHA256: 3deff0d64f079cdaee1cdc699f670caeca5d2fb1260cde24c54993e50abf2b1e
  • SHA512: 4a11f1ba0d2aa14b4f70c951cadae2bd41abd68bed67e424724a0c2d21f5de002a416d265104c84b05e0989f6da13c16343f4e4d0dda764ac6cda3844def6cd4
  • SSDEEP: 3072:W2RaiKg4xmUh1WXHqw/l+qmOELhakVsm3mxB32tLEv8zfdn5f2dZLCoKOhhdK0Kb:W0KgGwHqwOOELha+sm2D2+UhngNnK4LK

Score
8/10

Malware Config

Targets

    • Downloads MZ/PE file
    • Executes dropped EXE
    • Loads dropped DLL
    • Checks for any installed AV software in registry
    • Writes to the Master Boot Record (MBR)
      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Matrix (ATT&CK v13)

  Tactic            Technique                              Sub-technique                            Count
  Persistence       Pre-OS Boot (T1542)                    Bootkit (T1542.003)                      1
  Defense Evasion   Pre-OS Boot (T1542)                    Bootkit (T1542.003)                      1
  Defense Evasion   Subvert Trust Controls (T1553)         Install Root Certificate (T1553.004)     1
  Defense Evasion   Modify Registry (T1112)                (none)                                   1
  Discovery         Software Discovery (T1518)             Security Software Discovery (T1518.001)  1
  Discovery         Query Registry (T1012)                 (none)                                   1
  Discovery         System Information Discovery (T1082)   (none)                                   1

Tasks