Overview

overview

8

Static

static

3

43c515cca1...bb.exe

windows7-x64

8

43c515cca1...bb.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    43c515cca1a8890892b572ad8e58e6bc32f8fff2b9540ca116acd26a898582bb

  • Size

    10.0MB

  • Sample

    241129-p9zrjs1nhm

  • MD5

    bdf04e6f0595292ff10245420a44a0e8

  • SHA1

    d61854691f0b3bfc0c28d6f8fe4c4f1fecd87e19

  • SHA256

    43c515cca1a8890892b572ad8e58e6bc32f8fff2b9540ca116acd26a898582bb

  • SHA512

    90df546f49c24055a389f641cdff213d3a306e4dcb3c45270d3ea3e48336d18a19b36320ac1a89404aaca6777866156b70e9b7d7a6e746867230120dc2fa4f21

  • SSDEEP

    196608:pPj4U7gJUDzwzILSSWR4tA+NVRDPImrRz2k/IRrhBDtlLckE0qoQ1:pPWwcILSbRN+NVmmrRSk/erDtlLcKqoY

Score
8/10
bootkitdiscoverypersistence

Malware Config

Targets

    • Target

      43c515cca1a8890892b572ad8e58e6bc32f8fff2b9540ca116acd26a898582bb

    • Size

      10.0MB

    • MD5

      bdf04e6f0595292ff10245420a44a0e8

    • SHA1

      d61854691f0b3bfc0c28d6f8fe4c4f1fecd87e19

    • SHA256

      43c515cca1a8890892b572ad8e58e6bc32f8fff2b9540ca116acd26a898582bb

    • SHA512

      90df546f49c24055a389f641cdff213d3a306e4dcb3c45270d3ea3e48336d18a19b36320ac1a89404aaca6777866156b70e9b7d7a6e746867230120dc2fa4f21

    • SSDEEP

      196608:pPj4U7gJUDzwzILSSWR4tA+NVRDPImrRz2k/IRrhBDtlLckE0qoQ1:pPWwcILSbRN+NVmmrRSk/erDtlLcKqoY

    Score
    8/10
    bootkitdiscoverypersistence

    • Downloads MZ/PE file

    • Checks for any installed AV software in registry

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks