904c12e0dd68ecf4a385b3b51789da6d664f53ca520471b37ae057e3e4177603 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

904c12e0dd...03.exe

windows7-x64

7

904c12e0dd...03.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

904c12e0dd68ecf4a385b3b51789da6d664f53ca520471b37ae057e3e4177603
Size

6.3MB
Sample

240914-msf7rszgqc
MD5

f448ff220260ad675fc221ab47c1eea1
SHA1

935dd3e79a659fc590fd061464e0edc64e032cb9
SHA256

904c12e0dd68ecf4a385b3b51789da6d664f53ca520471b37ae057e3e4177603
SHA512

c0a9f2327328c0c597c9f5cf9ed0b43dd6dd3e117059e41b1d7245e3d44641d74a6f929967bc40b0d3dfb77fdd758bcf1128b2b304df303d17e6351d77f10f60
SSDEEP

98304:Q1ROYXnwB6N/g2mCw6cB27OgUWZHw7saFCKuJJBAUZLRxl:0XwBjJff2sWGFCKsJV1xl

Score

7^/10

bootkit discovery persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

904c12e0dd68ecf4a385b3b51789da6d664f53ca520471b37ae057e3e4177603.exe

Resource

win7-20240903-en

bootkit discovery persistence upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

904c12e0dd68ecf4a385b3b51789da6d664f53ca520471b37ae057e3e4177603.exe

Resource

win10v2004-20240802-en

bootkit discovery persistence upx

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  904c12e0dd68ecf4a385b3b51789da6d664f53ca520471b37ae057e3e4177603
- Size
  
  6.3MB
- MD5
  
  f448ff220260ad675fc221ab47c1eea1
- SHA1
  
  935dd3e79a659fc590fd061464e0edc64e032cb9
- SHA256
  
  904c12e0dd68ecf4a385b3b51789da6d664f53ca520471b37ae057e3e4177603
- SHA512
  
  c0a9f2327328c0c597c9f5cf9ed0b43dd6dd3e117059e41b1d7245e3d44641d74a6f929967bc40b0d3dfb77fdd758bcf1128b2b304df303d17e6351d77f10f60
- SSDEEP
  
  98304:Q1ROYXnwB6N/g2mCw6cB27OgUWZHw7saFCKuJJBAUZLRxl:0XwBjJff2sWGFCKsJV1xl
Score

7^/10

bootkit discovery persistence upx
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Pre-OS Boot

Bootkit

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistenceupx

behavioral2

bootkitdiscoverypersistenceupx

© 2018-2025

Terms | Privacy