Overview

overview

8

Static

static

1

mqdefault.jpg

windows11-21h2-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    mqdefault.jpg

  • Size

    5KB

  • Sample

    241012-edk86swdpk

  • MD5

    af71ada07516e4f3acea975ca36f52ff

  • SHA1

    43c9a4ed706b402576a6908630aa0d490a689add

  • SHA256

    4a25e487e6d4e9df6b0f5af17e4c9b02654a57079ae5b4dab2e5a248b98aa341

  • SHA512

    6a2cbf350f36e8db997525cdea1b0b8ec237f6f0359799bcfda5cf54e7e89b1337be3d716158688cbd47f7d4635ace099ebfe27ebe7b3460e34972d1b2ca4570

  • SSDEEP

    96:R9n4mTPND5l4HgGtEpD0N+AVo63IpNcpribrPRvvX+lHeu9qxQyugWvPpVRK7gV6:j4e7KHWpD0N5hNZibrdX3NxVuBXk7gV6

Score
8/10
bootkitdefense_evasiondiscoverypersistence

Malware Config

Targets

    • Target

      mqdefault.jpg

    • Size

      5KB

    • MD5

      af71ada07516e4f3acea975ca36f52ff

    • SHA1

      43c9a4ed706b402576a6908630aa0d490a689add

    • SHA256

      4a25e487e6d4e9df6b0f5af17e4c9b02654a57079ae5b4dab2e5a248b98aa341

    • SHA512

      6a2cbf350f36e8db997525cdea1b0b8ec237f6f0359799bcfda5cf54e7e89b1337be3d716158688cbd47f7d4635ace099ebfe27ebe7b3460e34972d1b2ca4570

    • SSDEEP

      96:R9n4mTPND5l4HgGtEpD0N+AVo63IpNcpribrPRvvX+lHeu9qxQyugWvPpVRK7gV6:j4e7KHWpD0N5hNZibrdX3NxVuBXk7gV6

    Score
    8/10
    bootkitdefense_evasiondiscoverypersistence

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks