General

  • Target

    2024-06-14_0de45250f60970b400bb0ab2b2b5a7c1_avoslocker_cobalt-strike

  • Size

    701KB

  • Sample

    240614-yf17ystapb

  • MD5

    0de45250f60970b400bb0ab2b2b5a7c1

  • SHA1

    be22604bf86cfe0d6b517c91585d2170c85bec58

  • SHA256

    af487c1d408b6b2f3022581783b217f170670ee9eedb36980cf9d8ae6fc68757

  • SHA512

    18398d9a4ec7d3036d04cad036032708eceacb245f745e8d6e09142c7740267f2b84133443a9fe4c755a765de08fc4b5ac2d49553745894617d5e8b40a79a955

  • SSDEEP

    12288:5j1Ecr0txKrMHNdJ5S4edgtQhKvnuadnJWcqreN6B8+MOq7FfhjTLtYwWRSIsSCJ:t1Vrw3NUdg6h1adJuB8PRfXYwwSIq3ma

Targets

    • Checks whether UAC is enabled

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Matrix (ATT&CK v13)

  • Persistence

    Pre-OS Boot (T1542): 1
      Bootkit (T1542.003): 1

  • Defense Evasion

    Pre-OS Boot (T1542): 1
      Bootkit (T1542.003): 1
    Modify Registry (T1112): 1

  • Discovery

    System Information Discovery (T1082): 1