General

  • Target

    2024-09-07_861d7bc5c90b8f4c4cd4ddc9e9b5f528_avoslocker

  • Size

    4.6MB

  • Sample

    240907-f8gd5sxclr

  • MD5

    861d7bc5c90b8f4c4cd4ddc9e9b5f528

  • SHA1

    ac0f49f02259b2b47b2e3f420161255b42ea2f13

  • SHA256

    dd855537628635450e95e86b1332d7ca8cb40910ffdb8a1ebc584038c8328c74

  • SHA512

    385cc47b6177fe21d95ad88c688a03694c3b5f115ac1b9b5ba93d464487be70a649b8e9f8f04bb3fe1554809c9c6aaf7d9780cf7015536032168e74b59fb8002

  • SSDEEP

    98304:9Wqq+Mb+EyWv5rIy5YFWAvwzn6IhTE3mFFkKmIcoRbO462gnw:9WadWvpIy5YPvwzn6Ii3skKm9WOdBw

Targets

    • Target

      2024-09-07_861d7bc5c90b8f4c4cd4ddc9e9b5f528_avoslocker

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks whether UAC is enabled

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
