Overview

overview

7

Static

static

7

7ebe20d32a...09.exe

windows7-x64

7

7ebe20d32a...09.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    7ebe20d32ae76e2c50112609a0870edb6f37c47890cdf59c0dca67f5e61f6a09

  • Size

    1.9MB

  • Sample

    240908-ybes6asbrm

  • MD5

    c883dc5e9aa83eeda8dab7212f0cc99d

  • SHA1

    c039eb67011aa3600775cf4a44e12fb08c79aa81

  • SHA256

    7ebe20d32ae76e2c50112609a0870edb6f37c47890cdf59c0dca67f5e61f6a09

  • SHA512

    425e74a4a0769d4c61f5fee64c246fd18fd4d198ba698047025228e75725c9f0c06df43d0a1b7c943cc692a27980fb2c93ddb0083e273cce397c198877440449

  • SSDEEP

    49152:SG0IoUOVQHYlbv6woiIBiojax9EHJ9IzDh3BRxH3ujHVUSh:OXVQHwbhoZBiaax9EHJ9IzdB/H3cHqSh

Score
7/10
bootkitdiscoverypersistenceupx

Malware Config

Targets

    • Target

      7ebe20d32ae76e2c50112609a0870edb6f37c47890cdf59c0dca67f5e61f6a09

    • Size

      1.9MB

    • MD5

      c883dc5e9aa83eeda8dab7212f0cc99d

    • SHA1

      c039eb67011aa3600775cf4a44e12fb08c79aa81

    • SHA256

      7ebe20d32ae76e2c50112609a0870edb6f37c47890cdf59c0dca67f5e61f6a09

    • SHA512

      425e74a4a0769d4c61f5fee64c246fd18fd4d198ba698047025228e75725c9f0c06df43d0a1b7c943cc692a27980fb2c93ddb0083e273cce397c198877440449

    • SSDEEP

      49152:SG0IoUOVQHYlbv6woiIBiojax9EHJ9IzDh3BRxH3ujHVUSh:OXVQHwbhoZBiaax9EHJ9IzdB/H3cHqSh

    Score
    7/10
    bootkitdiscoverypersistenceupx

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks