3f00099ede846c9378cad7387f4b82d2a97133cb0ee7f9ea71a3adaf8af6db94 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

ac494ba669...21.exe

windows7-x64

7

ac494ba669...21.exe

windows10-2004-x64

7

Sharing

General

Target

ac494ba6698af93ffacd4bca01e5b121.bin
Size

43.5MB
Sample

240630-dvt2zatapb
MD5

ac494ba6698af93ffacd4bca01e5b121
SHA1

3337b1ae117bfbe4ddaed6f83326cb86ba923e6d
SHA256

3f00099ede846c9378cad7387f4b82d2a97133cb0ee7f9ea71a3adaf8af6db94
SHA512

080c5f3cb93cb8fa5fb5df9f948be65361ad0021cebdd23ed6f661a04fb0757e81c1eda84b2f07c87669bcfcb41483aded4f65b7838b74bf4fd5e84ce799e17a
SSDEEP

786432:xwvnIe84yEZwcCUmeaeYzeyChA/tQ1/BJ754U/Hz4gQ7sCZzEECamVX8W:xwvn7yBVea3zFCK/8J75RvzZ6EEgVl

Score

7^/10

bootkit discovery persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ac494ba6698af93ffacd4bca01e5b121.exe

Resource

win7-20240611-en

bootkit discovery persistence

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

ac494ba6698af93ffacd4bca01e5b121.exe

Resource

win10v2004-20240226-en

bootkit discovery persistence

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  ac494ba6698af93ffacd4bca01e5b121.bin
- Size
  
  43.5MB
- MD5
  
  ac494ba6698af93ffacd4bca01e5b121
- SHA1
  
  3337b1ae117bfbe4ddaed6f83326cb86ba923e6d
- SHA256
  
  3f00099ede846c9378cad7387f4b82d2a97133cb0ee7f9ea71a3adaf8af6db94
- SHA512
  
  080c5f3cb93cb8fa5fb5df9f948be65361ad0021cebdd23ed6f661a04fb0757e81c1eda84b2f07c87669bcfcb41483aded4f65b7838b74bf4fd5e84ce799e17a
- SSDEEP
  
  786432:xwvnIe84yEZwcCUmeaeYzeyChA/tQ1/BJ754U/Hz4gQ7sCZzEECamVX8W:xwvn7yBVea3zFCK/8J75RvzZ6EEgVl
Score

7^/10

bootkit discovery persistence
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2

bootkitdiscoverypersistence

© 2018-2024

Terms | Privacy