Overview

overview

7

Static

static

1

6fe49a3ed0...cf.exe

windows7-x64

7

6fe49a3ed0...cf.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6fe49a3ed0b29b53cf2aa9112c154f511ad56428808acebb95008cf62bc186cf.exe

  • Size

    23.6MB

  • Sample

    240820-tfl1ta1bqc

  • MD5

    f556d4d630a00a5b52d53149c5a571e3

  • SHA1

    630b3e6bfc6dd2e2fef10b282e78701a63d07df3

  • SHA256

    6fe49a3ed0b29b53cf2aa9112c154f511ad56428808acebb95008cf62bc186cf

  • SHA512

    b474f93b218185d08d42e61435fad03ac5351c80bfff640ea6868f49941829150bb92a455e7d40772d18a86fa5cca8d7a7291cf609c20bc5b4ecb96602c42a35

  • SSDEEP

    393216:J/lD14+gS60vJ2JkYcCQhYESZP66UJ2KHEleIPoAqnS1zJOpCKXHF31uVbpNcueQ:ld14+Fp8xd5fKkleI/oaI8EHR1qbjQpK

Score
7/10
bootkitdiscoverypersistenceupx

Malware Config

Targets

    • Target

      6fe49a3ed0b29b53cf2aa9112c154f511ad56428808acebb95008cf62bc186cf.exe

    • Size

      23.6MB

    • MD5

      f556d4d630a00a5b52d53149c5a571e3

    • SHA1

      630b3e6bfc6dd2e2fef10b282e78701a63d07df3

    • SHA256

      6fe49a3ed0b29b53cf2aa9112c154f511ad56428808acebb95008cf62bc186cf

    • SHA512

      b474f93b218185d08d42e61435fad03ac5351c80bfff640ea6868f49941829150bb92a455e7d40772d18a86fa5cca8d7a7291cf609c20bc5b4ecb96602c42a35

    • SSDEEP

      393216:J/lD14+gS60vJ2JkYcCQhYESZP66UJ2KHEleIPoAqnS1zJOpCKXHF31uVbpNcueQ:ld14+Fp8xd5fKkleI/oaI8EHR1qbjQpK

    Score
    7/10
    bootkitdiscoverypersistenceupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Modifies boot configuration data using bcdedit

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks