General

  • Target

    2024-08-25_ef448f267cf7fac57dcce7550f6d796a_avoslocker

  • Size

    4.2MB

  • Sample

    240825-hwt6ksshrq

  • MD5

    ef448f267cf7fac57dcce7550f6d796a

  • SHA1

    f7b9cf313308c9f9c488f9766639dc4c20d77c1e

  • SHA256

    6ba2943ecf2a54ce7301741a157fd330ff9300db436e104094ca7b687dffdc00

  • SHA512

    26b0b68215af9f7708c0d26b8cccdc9d83abab7afa91ebd417f7eafbb0ad7eb228d3cf38c993c77011013340d65639fdce4a5107c321b9c84d6d9f34ff6ae3fb

  • SSDEEP

    98304:M54Z69F/gO6/JTTI0623OCyKHTiLcI/YZaYacQ25d:UF/gO6/JTTo4Hp0Y4Ya

Malware Config

Targets

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks whether UAC is enabled

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks