Overview

overview

8

Static

static

3

2024-07-27...er.exe

windows7-x64

8

2024-07-27...er.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-07-27_2316d3c10330c442a2546aabc301af6b_avoslocker

  • Size

    4.3MB

  • Sample

    240727-bv146sxhrr

  • MD5

    2316d3c10330c442a2546aabc301af6b

  • SHA1

    58e821089dcc481f1c433d543ed7c6b64f9e9602

  • SHA256

    9fd6df09387f495bce9006289409e4a7d02f63022b2f96df13c3566e13a11e39

  • SHA512

    06b7d517f9cbf7b989aada70fa7b379d46cf6261c5d34ad218cc52a979e1b570933d864b3276b92b696e8a0ac1e0471ccdfbef72a28a485ecdf74a1d0286f2e6

  • SSDEEP

    98304:gpq/d8kCBDlMyQjujDW9tBcg2jGqwwAqWFnhGJ98j02rSYC6dkB3tiXG:Bci5ujyp8jGqwwtanagrRC6ONtmG

Score
8/10
bootkitdiscoveryevasionpersistencetrojan

Malware Config

Targets

    • Target

      2024-07-27_2316d3c10330c442a2546aabc301af6b_avoslocker

    • Size

      4.3MB

    • MD5

      2316d3c10330c442a2546aabc301af6b

    • SHA1

      58e821089dcc481f1c433d543ed7c6b64f9e9602

    • SHA256

      9fd6df09387f495bce9006289409e4a7d02f63022b2f96df13c3566e13a11e39

    • SHA512

      06b7d517f9cbf7b989aada70fa7b379d46cf6261c5d34ad218cc52a979e1b570933d864b3276b92b696e8a0ac1e0471ccdfbef72a28a485ecdf74a1d0286f2e6

    • SSDEEP

      98304:gpq/d8kCBDlMyQjujDW9tBcg2jGqwwAqWFnhGJ98j02rSYC6dkB3tiXG:Bci5ujyp8jGqwwtanagrRC6ONtmG

    Score
    8/10
    bootkitdiscoveryevasionpersistencetrojan

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks whether UAC is enabled

      evasiontrojan

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks