General
Target: avgclear.exe
Size: 13.8MB
Sample: 240615-y2nhzsshrd
MD5: ca754a269f98315f42a827c4477962df
SHA1: 02060ab941a635d7ce228f41657e6a308dee0825
SHA256: 4555c33639598bc76b74b735a19b362d462f5a5928018e53005d6075a051de0a
SHA512: 2c58a97cd9560f857635969af79dd649c9e42830def63bc72c72fd94c8bd498de1d50ae2c735feb346de4c578cf0bad6a4c728b88212a7eddd934be0d5ba3c9b
SSDEEP: 393216:PP0K5chec2c1keb7BQf1Egvh7ruG/LXLBfoKyI7Rzv:X02ccXcrgxBXLBlyuVv
Static task: static1
Behavioral task: behavioral1
Sample: avgclear.exe
Resource: win11-20240611-en
Malware Config
Targets
Target: avgclear.exe
Score: 9/10
- Modifies boot configuration data using bcdedit
- Adds Run key to start application
- Checks for any installed AV software in registry
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
- Boot or Logon Autostart Execution: Registry Run Keys / Startup Folder (1)
- Pre-OS Boot: Bootkit (1)
Privilege Escalation
- Boot or Logon Autostart Execution: Registry Run Keys / Startup Folder (1)