Overview

overview

8

Static

static

5

aboaboabo.exe

windows11-21h2-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    aboaboabo.zip

  • Size

    58KB

  • Sample

    241127-ll2z8axrfy

  • MD5

    59f4fc1a40884d7842981a0574b49288

  • SHA1

    0e86923f7ebfcd7f03a0ec256ec8bd983311da2b

  • SHA256

    1b2bef8bd218106bc53ab4f15307ec06430fc546e7a8a777522de196c4941d54

  • SHA512

    51a566cdee5c4fb9daac25d44b098edfe907926d7f0f460a69c1ac446296b4539dc2b86fe2bfb04cc37e29cad2f2486d31bcdcc3a5f88efbdd85e072efcc9aab

  • SSDEEP

    768:0Azwcuhw4FNpRRR/sYYxx1y85ri8gl7vvWmvbhvuH0GvIb5Y3mIzKPifPD3+A9AR:0DpLfLYvvrb8z20GiqPzZ9SAZYS4

Score
8/10
bootkitdiscoveryexploitpersistenceupx

Malware Config

Targets

    • Target

      aboaboabo.exe

    • Size

      102KB

    • MD5

      099d08e56a00ee754ca42a63f03f3bf0

    • SHA1

      9cd9254c2d43b3f660a72046161f47e7249bcd5f

    • SHA256

      0e01c4845c1a6d26bd24549fb0bd493a9c037c44b6c450ba6e68bb8f01287e35

    • SHA512

      bc39bd4b5e8c0f2b50f3c1b0ccfe56023f4dc2f8df669285e4d5a203f74da7a83d49181d2705252d944655a29656f10a25e13bbdcb127bf075aa12046f4f1f88

    • SSDEEP

      1536:I7pLfBYvvrb8v20GiIPzW8WQVvB2UTsa0imYFU47o9Tuui:IpLmvPK207GcQlIvYFx7oZo

    Score
    8/10
    bootkitdiscoveryexploitpersistenceupx

    • Possible privilege escalation attempt

      exploit

    • Modifies file permissions

      discovery

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks