General
-
Target
startup.exe
-
Size
2.6MB
-
Sample
240915-aqejyavhqe
-
MD5
ecafde6855179b29d166bc3396f4fc12
-
SHA1
5a882dde362d7690fb6a3533cefa03663abd09f2
-
SHA256
3845ebbb8a0af759606ccf0533166fccdab3b842274cabcb292719da9cb5694a
-
SHA512
8110e43384d7c09a59499cd153eb4311ee96d941f793d7c7f853a94b50d5efba5fe87c94150c1d68f8d80d25657e1d33e47a6644d932de8b3da661024809e7e0
-
SSDEEP
49152:S47Nlau3ZvJvDr4sGszFPpxoJswX8aVGx0Cng4BKNJ8Srga6pxX:SeNlau39JNGyzxEsk5ozJSrn63
Malware Config
Targets
-
-
Target
startup.exe
-
Size
2.6MB
-
MD5
ecafde6855179b29d166bc3396f4fc12
-
SHA1
5a882dde362d7690fb6a3533cefa03663abd09f2
-
SHA256
3845ebbb8a0af759606ccf0533166fccdab3b842274cabcb292719da9cb5694a
-
SHA512
8110e43384d7c09a59499cd153eb4311ee96d941f793d7c7f853a94b50d5efba5fe87c94150c1d68f8d80d25657e1d33e47a6644d932de8b3da661024809e7e0
-
SSDEEP
49152:S47Nlau3ZvJvDr4sGszFPpxoJswX8aVGx0Cng4BKNJ8Srga6pxX:SeNlau39JNGyzxEsk5ozJSrn63
Score7/10-
Executes dropped EXE
-
Loads dropped DLL
-
Checks for any installed AV software in registry
-
Checks whether UAC is enabled
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Modify Registry
2Pre-OS Boot
1Bootkit
1Subvert Trust Controls
1Install Root Certificate
1