Overview

overview

7

Static

static

3

baa7338fd0...a5.exe

windows7-x64

7

baa7338fd0...a5.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    baa7338fd0b2957f79ec5e12713d001116b209fa56fe1ae58f6b065ba77a9ba5

  • Size

    4.8MB

  • Sample

    240927-kjw6hstflk

  • MD5

    0198300759d55ad2a1c4b75432490c37

  • SHA1

    e32a21a9cb93e5f31acb68ec429bc758d30a8d69

  • SHA256

    baa7338fd0b2957f79ec5e12713d001116b209fa56fe1ae58f6b065ba77a9ba5

  • SHA512

    9b7a8da059ddde7c08e15e83edbf40c34a53743bf0cf43a63f69e47444250e1ac5a98751beca1cbf0e2c3e73dca04cb2ef637d8b85d86ea662619df40065f0a4

  • SSDEEP

    98304:RVeM4VwHuokyfO8PGcx2HynIiprw0F80XZMfjt:XAVw+kx2SnIe84Cjt

Score
7/10
bootkitdiscoverypersistence

Malware Config

Targets

    • Target

      baa7338fd0b2957f79ec5e12713d001116b209fa56fe1ae58f6b065ba77a9ba5

    • Size

      4.8MB

    • MD5

      0198300759d55ad2a1c4b75432490c37

    • SHA1

      e32a21a9cb93e5f31acb68ec429bc758d30a8d69

    • SHA256

      baa7338fd0b2957f79ec5e12713d001116b209fa56fe1ae58f6b065ba77a9ba5

    • SHA512

      9b7a8da059ddde7c08e15e83edbf40c34a53743bf0cf43a63f69e47444250e1ac5a98751beca1cbf0e2c3e73dca04cb2ef637d8b85d86ea662619df40065f0a4

    • SSDEEP

      98304:RVeM4VwHuokyfO8PGcx2HynIiprw0F80XZMfjt:XAVw+kx2SnIe84Cjt

    Score
    7/10
    bootkitdiscoverypersistence

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks