General

  • Target

    2024-11-20_fd6b8f68b8676e17e6860c429065673f_avoslocker_luca-stealer

  • Size

    4.6MB

  • Sample

    241120-c4hjvszarp

  • MD5

    fd6b8f68b8676e17e6860c429065673f

  • SHA1

    398b9c1b6da5698a3976ab2aaf2d3a8ca68a01ad

  • SHA256

    894088e91cd5d8503b93a13a05e18e9efd658b4924f337a5a4dc30e07219adcb

  • SHA512

    e06624bb3e15023ea467a6850f2f455a7fb4315552d714395f98d6746a7f84ab557a42075f19f56eb4b90825a082e7a96a7fce1c6c4e9f56138a80316f7c737d

  • SSDEEP

    98304:tWqq+Mb+1yWvvIy5YFWAvwznlaFrTpa1syJ41L4o8nw:tWaQWvvIy5YPvwznlePI1V+2o8w

Malware Config

Targets

    • Target

      2024-11-20_fd6b8f68b8676e17e6860c429065673f_avoslocker_luca-stealer

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks whether UAC is enabled

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks