Overview

overview

7

Static

static

3

e0b38587e4...da.exe

windows7-x64

7

e0b38587e4...da.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e0b38587e45a8d04166f79693099ef8b33efc7c8f047e10f56973eeb463a5ada

  • Size

    14.2MB

  • Sample

    240629-y9k3tsvhjc

  • MD5

    d3f21493a226b5dc449384e9511b6473

  • SHA1

    97f2576a57677f3215cbe1df629c6054cda573d5

  • SHA256

    e0b38587e45a8d04166f79693099ef8b33efc7c8f047e10f56973eeb463a5ada

  • SHA512

    5fd31d00b8dfa3191f9720ab35e3ba325e5db1ad9202788dd3562005f08cfc46d5b6c796ed0dcf83dc1f570bc393c4996b0a1aa26ddfb3d75532e21b7de98fc5

  • SSDEEP

    393216:pgKtpMJNz9p20jv1PBMudOmRNYl7EUus9:poDwM9Piud5jYlX

Score
7/10
bootkitpersistence

Malware Config

Targets

    • Target

      e0b38587e45a8d04166f79693099ef8b33efc7c8f047e10f56973eeb463a5ada

    • Size

      14.2MB

    • MD5

      d3f21493a226b5dc449384e9511b6473

    • SHA1

      97f2576a57677f3215cbe1df629c6054cda573d5

    • SHA256

      e0b38587e45a8d04166f79693099ef8b33efc7c8f047e10f56973eeb463a5ada

    • SHA512

      5fd31d00b8dfa3191f9720ab35e3ba325e5db1ad9202788dd3562005f08cfc46d5b6c796ed0dcf83dc1f570bc393c4996b0a1aa26ddfb3d75532e21b7de98fc5

    • SSDEEP

      393216:pgKtpMJNz9p20jv1PBMudOmRNYl7EUus9:poDwM9Piud5jYlX

    Score
    7/10
    bootkitpersistence

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Privilege Escalation

Defense Evasion

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks