7febd24ccb03455d2f784440b37be066b6b7673983d03c519b1c5fd21930ea26 | Triage

Submit
Reports

Overview

overview

9

Static

static

3

7febd24ccb...26.exe

windows7-x64

9

7febd24ccb...26.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

Target

7febd24ccb03455d2f784440b37be066b6b7673983d03c519b1c5fd21930ea26.exe
Size

1.1MB
Sample

240625-bykatswhjm
MD5

eeb4b01cd2d0e34bbed8946c865ffa9e
SHA1

c6e32035dd97a8ddcf7a34a1e15120a372a1c650
SHA256

7febd24ccb03455d2f784440b37be066b6b7673983d03c519b1c5fd21930ea26
SHA512

68fd69a567a7ffe37105cd8e29f5817832743b466d7f7ed2af31c5268537b2db3796d81db37b350ad71bfe5b367f37d5b44448a9d31c6a387682c2c18cd17d8f
SSDEEP

24576:FI7m4LjGr35sk7kN9h/Flff2RbLbyBDOYO5cd4e7:FI7Sj77kN9h/wblYO5e

Score

9^/10

bootkit persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

7febd24ccb03455d2f784440b37be066b6b7673983d03c519b1c5fd21930ea26.exe

Resource

win7-20240508-en

bootkit persistence

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

7febd24ccb03455d2f784440b37be066b6b7673983d03c519b1c5fd21930ea26.exe

Resource

win10v2004-20240508-en

bootkit persistence

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  7febd24ccb03455d2f784440b37be066b6b7673983d03c519b1c5fd21930ea26.exe
- Size
  
  1.1MB
- MD5
  
  eeb4b01cd2d0e34bbed8946c865ffa9e
- SHA1
  
  c6e32035dd97a8ddcf7a34a1e15120a372a1c650
- SHA256
  
  7febd24ccb03455d2f784440b37be066b6b7673983d03c519b1c5fd21930ea26
- SHA512
  
  68fd69a567a7ffe37105cd8e29f5817832743b466d7f7ed2af31c5268537b2db3796d81db37b350ad71bfe5b367f37d5b44448a9d31c6a387682c2c18cd17d8f
- SSDEEP
  
  24576:FI7m4LjGr35sk7kN9h/Flff2RbLbyBDOYO5cd4e7:FI7Sj77kN9h/wblYO5e
Score

9^/10

bootkit persistence
- Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003)
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence

© 2018-2025

Terms | Privacy