General

  • Target

    avast_free_antivirus_setup_online.exe

  • Size

    243KB

  • Sample

    241121-3ryneswmaq

  • MD5

    7cd70a554c28707e265823b92311c25a

  • SHA1

    a74552c7af45e5f43118a7397eb5cd82f5fe45fe

  • SHA256

    436148a87322be6ad24278b4ce0950ff167964b5b3a97e849654eda4cf62afc5

  • SHA512

    35e0db4557f59208f16ff245a52ae475db94826a13cf376ab420b14fc9a15018cb5d7ac85042c04626a48a15862ccf0ccc2d5d89d307b4dd9903bf60a6d65fe7

  • SSDEEP

    6144:skDOZargxSHmQv2+B9EwC/WQMeQsqJ7y:skDOymC2+7M+km7y

Malware Config

Targets

    • Checks for any installed AV software in registry

    • Downloads MZ/PE file

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks