General

  • Target

    a42d92ceb93372a26bc095623eefb277ccd3f937578e709c15cdd3d9a3343b75

  • Size

    10.5MB

  • Sample

    241031-mbxs7avlat

  • MD5

    28fd0b56eddc4a94726bbf4b6f439cd9

  • SHA1

    32519f89f26190d7b404a802f453e10a2fb274ee

  • SHA256

    a42d92ceb93372a26bc095623eefb277ccd3f937578e709c15cdd3d9a3343b75

  • SHA512

    27c46a10a6407deceeea8a2c7044996b212861d77f7b194b00808eda9f0675b2dd635fff16d9505287daf84350b109e57a0b0a6679cf7f90259f9886789171c7

  • SSDEEP

    196608:Qw0ZF1Duj95x4pxeseI/f3DpakQ4O1j7sQarVQnzFU/7qRjbWBo:7UbuJ5x4feYoRRNaqS/7qRjbW+

Malware Config

Targets

    • Target

      a42d92ceb93372a26bc095623eefb277ccd3f937578e709c15cdd3d9a3343b75

    • Size

      10.5MB

    • MD5

      28fd0b56eddc4a94726bbf4b6f439cd9

    • SHA1

      32519f89f26190d7b404a802f453e10a2fb274ee

    • SHA256

      a42d92ceb93372a26bc095623eefb277ccd3f937578e709c15cdd3d9a3343b75

    • SHA512

      27c46a10a6407deceeea8a2c7044996b212861d77f7b194b00808eda9f0675b2dd635fff16d9505287daf84350b109e57a0b0a6679cf7f90259f9886789171c7

    • SSDEEP

      196608:Qw0ZF1Duj95x4pxeseI/f3DpakQ4O1j7sQarVQnzFU/7qRjbWBo:7UbuJ5x4feYoRRNaqS/7qRjbW+

    • Executes dropped EXE

    • Impair Defenses: Safe Mode Boot

      Alters boot settings so Windows starts in Safe Mode, where most security products and third-party services are not loaded (MITRE ATT&CK T1562.009).

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Drops file in System32 directory
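
The "Writes to the Master Boot Record (MBR)" signature above is the one a responder will want to verify on an affected host. The script below is an added example written for this report, not part of the sandbox output: it parses a 512-byte MBR (446 bytes of bootstrap code, four 16-byte partition entries, the 0x55AA signature) and compares the bootstrap code and partition table of a captured sector against a known-good baseline, which is how a bootkit write shows up when the partition table is left intact. The two sectors it checks (`CLEAN_MBR`, `BOOTKIT_MBR`) are constructed by hand so the example runs offline; the device paths in `read_mbr` are the standard raw-disk paths and need administrator or root rights to open.

```python
"""Parse a 512-byte MBR and compare it against a known-good baseline.

Added example for this report; not part of the sandbox output. The sample
sectors further down are constructed by hand to exercise the checks offline.
"""
import hashlib
import struct

MBR_SIZE = 512
BOOT_CODE_SIZE = 446          # bootstrap code occupies bytes 0..445
PARTITION_TABLE_OFFSET = 446  # four 16-byte entries follow the boot code
BOOT_SIGNATURE = b"\x55\xaa"  # bytes 510..511 on every valid MBR


def parse_mbr(sector: bytes) -> dict:
    """Split an MBR into boot-code hash, partition entries and signature state."""
    if len(sector) != MBR_SIZE:
        raise ValueError(f"expected {MBR_SIZE} bytes, got {len(sector)}")
    partitions = []
    for i in range(4):
        off = PARTITION_TABLE_OFFSET + i * 16
        status, _chs_start, ptype, _chs_end, lba_start, sectors = struct.unpack(
            "<B3sB3sII", sector[off:off + 16])
        if ptype == 0:  # empty slot
            continue
        partitions.append({
            "index": i,
            "bootable": status == 0x80,
            "type": ptype,
            "lba_start": lba_start,
            "sectors": sectors,
        })
    return {
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_SIZE]).hexdigest(),
        "partitions": partitions,
        "signature_ok": sector[510:512] == BOOT_SIGNATURE,
    }


def compare_mbr(current: bytes, baseline: bytes) -> list[str]:
    """Return human-readable findings; an empty list means no change."""
    cur, base = parse_mbr(current), parse_mbr(baseline)
    findings = []
    if not cur["signature_ok"]:
        findings.append("boot signature 0x55AA missing: sector corrupt or wiped")
    if cur["boot_code_sha256"] != base["boot_code_sha256"]:
        findings.append("bootstrap code (bytes 0-445) differs from baseline")
    if cur["partitions"] != base["partitions"]:
        findings.append("partition table differs from baseline")
    return findings


def read_mbr(device: str) -> bytes:
    """Read sector 0 from a raw device."""
    # e.g. r"\\.\PhysicalDrive0" on Windows (run as administrator)
    # or "/dev/sda" on Linux (run as root)
    with open(device, "rb") as fh:
        return fh.read(MBR_SIZE)


def _build_mbr(boot_code: bytes, partitions: list[tuple]) -> bytes:
    """Assemble a constructed MBR for the demonstration below."""
    sector = bytearray(boot_code.ljust(BOOT_CODE_SIZE, b"\x00"))
    table = bytearray()
    for status, ptype, lba_start, sectors in partitions:
        table += struct.pack("<B3sB3sII", status, b"\xff\xff\xff", ptype,
                             b"\xff\xff\xff", lba_start, sectors)
    table = table.ljust(64, b"\x00")
    return bytes(sector + table + BOOT_SIGNATURE)


# Constructed baseline: a stub resembling the standard Windows bootstrap
# prologue (xor ax,ax; mov ss,ax; mov sp,0x7c00) and one bootable NTFS
# partition starting at LBA 2048.
CLEAN_MBR = _build_mbr(b"\x33\xc0\x8e\xd0\xbc\x00\x7c",
                       [(0x80, 0x07, 2048, 204800)])

# Constructed "infected" sector: identical partition table, but the bootstrap
# now begins with a far jump into a different code path, as a bootkit that
# keeps the disk bootable would leave it.
BOOTKIT_MBR = _build_mbr(b"\xea\x00\x7c\x00\x00\x90\x90",
                         [(0x80, 0x07, 2048, 204800)])

if __name__ == "__main__":
    for label, sector in (("clean", CLEAN_MBR), ("bootkit", BOOTKIT_MBR)):
        print(label, compare_mbr(sector, CLEAN_MBR) or ["no change"])
```

In practice the baseline is the MBR captured from a clean image of the same build, or the sector read before the sample was detonated; comparing only the bootstrap hash is deliberate, since a bootkit that preserves the partition table would pass a check that looks at partitions alone.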

MITRE ATT&CK Enterprise v15

Tasks