General

  • Target

    40cf825721100990411271d92a5cfe400bb9c147606d32d3f31c00ba1123f3a3

  • Size

    219KB

  • Sample

    240614-zmm5cavgnf

  • MD5

    f8476f12f15f6cb59af40de54e904a93

  • SHA1

    4256ad25778fc0b7bb7dcfc540e35c212a296bc3

  • SHA256

    40cf825721100990411271d92a5cfe400bb9c147606d32d3f31c00ba1123f3a3

  • SHA512

    516b2f7808cd1cc17ce16b685093c0ab219ac91da23afb8ec6dcb9a7045e488bda1a833f76d03d569a909ca0a335198aa12357af4ef2527b011d9b1826249fdd

  • SSDEEP

    3072:X2RaiKg4xmUh1WXHqw/l+qmOELhakVsm3mxB32tLEv8zfdn5f2dZLCoKOhhYK0Kx:X0KgGwHqwOOELha+sm2D2+UhngNeK4f4

Score
8/10

Malware Config

Targets

    • Target

      40cf825721100990411271d92a5cfe400bb9c147606d32d3f31c00ba1123f3a3

    • Size

      219KB

    • MD5

      f8476f12f15f6cb59af40de54e904a93

    • SHA1

      4256ad25778fc0b7bb7dcfc540e35c212a296bc3

    • SHA256

      40cf825721100990411271d92a5cfe400bb9c147606d32d3f31c00ba1123f3a3

    • SHA512

      516b2f7808cd1cc17ce16b685093c0ab219ac91da23afb8ec6dcb9a7045e488bda1a833f76d03d569a909ca0a335198aa12357af4ef2527b011d9b1826249fdd

    • SSDEEP

      3072:X2RaiKg4xmUh1WXHqw/l+qmOELhakVsm3mxB32tLEv8zfdn5f2dZLCoKOhhYK0Kx:X0KgGwHqwOOELha+sm2D2+UhngNeK4f4

    Score
    8/10
    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks for any installed AV software in registry

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Matrix ATT&CK v13

Persistence

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Defense Evasion

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Discovery

Software Discovery

1
T1518

Security Software Discovery

1
T1518.001

Query Registry

1
T1012

System Information Discovery

1
T1082

Tasks