Overview

overview

6

Static

static

3

2024-06-29...ba.exe

windows7-x64

6

2024-06-29...ba.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-06-29_423693d44b0bbe83999ed59f525eea08_hacktools_xiaoba

  • Size

    4.0MB

  • Sample

    240629-g6r9asselg

  • MD5

    423693d44b0bbe83999ed59f525eea08

  • SHA1

    7571c6bcb22261e0aa8284810a96afb8ece75bfd

  • SHA256

    cbd8e31f4bfd4aad05ff248ae1f858e1aad677141943fa117a727949b50b3bd2

  • SHA512

    2cf99ca979a19b43a9f696fb26750f3337540823bf81ff059351b8cb74e1678f70ea65223847f4d80ea29c8709d903d7207584bd61473d6a9143e6f26a8d7fb8

  • SSDEEP

    98304:6N8cgKsjxumgyd10IavFlG4vNzkQZvaJBAUZLMl:6N8cgKsjxumgyd1Y74JVol

Score
6/10
bootkitpersistence

Malware Config

Targets

    • Target

      2024-06-29_423693d44b0bbe83999ed59f525eea08_hacktools_xiaoba

    • Size

      4.0MB

    • MD5

      423693d44b0bbe83999ed59f525eea08

    • SHA1

      7571c6bcb22261e0aa8284810a96afb8ece75bfd

    • SHA256

      cbd8e31f4bfd4aad05ff248ae1f858e1aad677141943fa117a727949b50b3bd2

    • SHA512

      2cf99ca979a19b43a9f696fb26750f3337540823bf81ff059351b8cb74e1678f70ea65223847f4d80ea29c8709d903d7207584bd61473d6a9143e6f26a8d7fb8

    • SSDEEP

      98304:6N8cgKsjxumgyd10IavFlG4vNzkQZvaJBAUZLMl:6N8cgKsjxumgyd1Y74JVol

    Score
    6/10
    bootkitpersistence

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Privilege Escalation

Defense Evasion

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks