General

  • Target

    2024-09-03_01af38fde5ae9c744610b7b10251d5b1_avoslocker

  • Size

    4.5MB

  • Sample

    240903-a4v4vasblq

  • MD5

    01af38fde5ae9c744610b7b10251d5b1

  • SHA1

    315f63797997e7dd9bc69ef4c1935658686f7155

  • SHA256

    88decf5829631b65e2483fc480d207ca6997df0da2d3577c9fc02ac84ef10154

  • SHA512

    c804976bd9241caf0a3b88e6306f75024d47a46f0939142964e05d2dd399c9daf3a88bd05b3988d60b9aace5f82855793911c72dbfece2b02584e736d8ecbab0

  • SSDEEP

    98304:nWqq+Mb+KyWv5rIy5YFWAvwznqGQl8v3/kdjvEJEnw:nWaLWvpIy5YPvwznIl8f/kt3w

Targets

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks whether UAC is enabled

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
