Overview

overview

8

Static

static

5

X.exe

windows11-21h2-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    X.exe

  • Size

    102KB

  • Sample

    241127-h8ddlatlhs

  • MD5

    ee9f2554cdcbd39e2b39962f1e7afe36

  • SHA1

    a987a60fceec3b3e1bc14b5dcb7a8985af9bf61d

  • SHA256

    f3b4bae7a22377555872f096b9ec176220734206d932e34d0e00ab43aa7086e8

  • SHA512

    977ce766a806f81ac80e398810da229ca03992e270cc5d7fa258ac266d5bf6968b330354dfb29b8d5bc29927e54e0662878a44f523561590500880c36835fb68

  • SSDEEP

    1536:985VEH2aNU2o5DX776Nc8mSsQWUYXtJWi/t23z52s0imYFU47o9Tuui:9sE2aNU2WDX7+NEUri42vYFx7oZo

Score
8/10
bootkitdiscoveryexploitpersistenceupx

Malware Config

Targets

    • Target

      X.exe

    • Size

      102KB

    • MD5

      ee9f2554cdcbd39e2b39962f1e7afe36

    • SHA1

      a987a60fceec3b3e1bc14b5dcb7a8985af9bf61d

    • SHA256

      f3b4bae7a22377555872f096b9ec176220734206d932e34d0e00ab43aa7086e8

    • SHA512

      977ce766a806f81ac80e398810da229ca03992e270cc5d7fa258ac266d5bf6968b330354dfb29b8d5bc29927e54e0662878a44f523561590500880c36835fb68

    • SSDEEP

      1536:985VEH2aNU2o5DX776Nc8mSsQWUYXtJWi/t23z52s0imYFU47o9Tuui:9sE2aNU2WDX7+NEUri42vYFx7oZo

    Score
    8/10
    bootkitdiscoveryexploitpersistenceupx

    • Possible privilege escalation attempt

      exploit

    • Modifies file permissions

      discovery

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks