Overview

overview

8

Static

static

1

AnyDesk.exe

windows7-x64

6

AnyDesk.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    AnyDesk.exe

  • Size

    5.2MB

  • Sample

    240726-tyhq4syhqr

  • MD5

    9603cad726f04b638b9797c46c162077

  • SHA1

    4a014126222d142651b17f45dbba0e8921824908

  • SHA256

    bbbedd933ac156b476e1b3edb3e09501c604a79c4ff1a917df779a9f1bec5cca

  • SHA512

    ed5a6aad1d4a4a1ca52db49e05f7182cbaaa1b0f529e8f365ce88c5e6119c5295efc93ba858b965439c7128cbcd95bd0dda7aea27fa0aa99e25275a1dfd1963f

  • SSDEEP

    98304:+1dJnYn26LSFNG454AmJ7icauHrXMU8LGfHeCXX3XWDW1tTf3HhKM26:+rJn0O54A07PauHr8U8WeCXX3aED3BzJ

Score
8/10
bootkitdiscoveryevasionpersistence

Malware Config

Targets

    • Target

      AnyDesk.exe

    • Size

      5.2MB

    • MD5

      9603cad726f04b638b9797c46c162077

    • SHA1

      4a014126222d142651b17f45dbba0e8921824908

    • SHA256

      bbbedd933ac156b476e1b3edb3e09501c604a79c4ff1a917df779a9f1bec5cca

    • SHA512

      ed5a6aad1d4a4a1ca52db49e05f7182cbaaa1b0f529e8f365ce88c5e6119c5295efc93ba858b965439c7128cbcd95bd0dda7aea27fa0aa99e25275a1dfd1963f

    • SSDEEP

      98304:+1dJnYn26LSFNG454AmJ7icauHrXMU8LGfHeCXX3XWDW1tTf3HhKM26:+rJn0O54A07PauHr8U8WeCXX3aED3BzJ

    Score
    8/10
    discoverybootkitevasionpersistence

    • Disables Task Manager via registry modification

      evasion

    • Drops desktop.ini file(s)

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks