Overview

overview

6

Static

static

5

1ba2b07116...bN.exe

windows7-x64

6

1ba2b07116...bN.exe

windows10-2004-x64

6

Sharing

Copy URL Twitter E-mail

General

  • Target

    1ba2b07116f1ca4d0bab97dfe7d4f25f97bfa29a3fb5014d3e1ed7d1e706b5dbN

  • Size

    241KB

  • Sample

    241004-gqjbfsxhnk

  • MD5

    ff80e7051bbb2db8d73d3eef0ec07e10

  • SHA1

    20aba565d7e6fa106672d6a857e2e206a7a61d15

  • SHA256

    1ba2b07116f1ca4d0bab97dfe7d4f25f97bfa29a3fb5014d3e1ed7d1e706b5db

  • SHA512

    81604208274b473fec1f4f1fde1104df542bc2a636650ed803b876f01415cec8652ad8dd5ff519a1415bdc41c1a83c1005021295ce68cc0836dae63f0c2c2437

  • SSDEEP

    6144:+keENDvTSn2SV/GuhYdViC7X57+nMqe8IDbc8mj:+NEND/k/GLPX57+nfe1Duj

Score
6/10
bootkitdiscoverypersistenceupx

Malware Config

Targets

    • Target

      1ba2b07116f1ca4d0bab97dfe7d4f25f97bfa29a3fb5014d3e1ed7d1e706b5dbN

    • Size

      241KB

    • MD5

      ff80e7051bbb2db8d73d3eef0ec07e10

    • SHA1

      20aba565d7e6fa106672d6a857e2e206a7a61d15

    • SHA256

      1ba2b07116f1ca4d0bab97dfe7d4f25f97bfa29a3fb5014d3e1ed7d1e706b5db

    • SHA512

      81604208274b473fec1f4f1fde1104df542bc2a636650ed803b876f01415cec8652ad8dd5ff519a1415bdc41c1a83c1005021295ce68cc0836dae63f0c2c2437

    • SSDEEP

      6144:+keENDvTSn2SV/GuhYdViC7X57+nMqe8IDbc8mj:+NEND/k/GLPX57+nfe1Duj

    Score
    6/10
    bootkitdiscoverypersistenceupx

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks