General

  • Target

    2024-11-22_281ae2bf4b68c9a55fdb6d7097f95867_avoslocker_luca-stealer

  • Size

    4.5MB

  • Sample

    241122-b6qsks1qfv

  • MD5

    281ae2bf4b68c9a55fdb6d7097f95867

  • SHA1

    aeb3a41228bbfd25a03316b5c2308607a0c1563b

  • SHA256

    c7cfad37ad88f14ee55cc916e8355ac96a6cb98a66541a8023ae7ecea82c015c

  • SHA512

    bc0560c9d91ed353785e4c509db9fce72e2bd7e54ef97be473e761e79005207b8dcace380b5fad7ee52ff236b11d6a1741883c14317d01dba7b7451dbf8eac0a

  • SSDEEP

    98304:qWqq+Mb+DyWvjIy5YFWAvwzn7Nx99JEIjFMm2Va/5AZK6j0xnw:qWauWvjIy5YPvwzn7N/rTAYAZK6jyw

Targets

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks whether UAC is enabled

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
