8155c20dfd5bd11a8a7e6fbb993c8eb7541ff7164a4f1e0468577a572962910c | Triage

Submit
Reports

Overview

overview

7

Static

static

3

ae29b4ecc8...21.exe

windows7-x64

7

ae29b4ecc8...21.exe

windows10-2004-x64

7

Sharing

General

Target

ae29b4ecc86770671a65c6922c829421.bin
Size

43.5MB
Sample

240630-dznqratbmh
MD5

ae29b4ecc86770671a65c6922c829421
SHA1

77f425eeb5a1ab26d05a795dcc81731d0c7d7ea1
SHA256

8155c20dfd5bd11a8a7e6fbb993c8eb7541ff7164a4f1e0468577a572962910c
SHA512

015ff3de6bb59d74e415038e27512c3144a17b3baa19939301a934a8232102ae336dac406df6c65386082a126195d6f74cfcc554aee2fb35851ea4c4f2caf495
SSDEEP

786432:xwvnIe84yEZwcCUmeaeYzeyChA/tQ1/BJ754U/Hz4gQ7sCZzEECamVXH:xwvn7yBVea3zFCK/8J75RvzZ6EEgV3

Score

7^/10

bootkit discovery persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ae29b4ecc86770671a65c6922c829421.exe

Resource

win7-20240419-en

bootkit discovery persistence

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

ae29b4ecc86770671a65c6922c829421.exe

Resource

win10v2004-20240508-en

bootkit discovery persistence

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  ae29b4ecc86770671a65c6922c829421.bin
- Size
  
  43.5MB
- MD5
  
  ae29b4ecc86770671a65c6922c829421
- SHA1
  
  77f425eeb5a1ab26d05a795dcc81731d0c7d7ea1
- SHA256
  
  8155c20dfd5bd11a8a7e6fbb993c8eb7541ff7164a4f1e0468577a572962910c
- SHA512
  
  015ff3de6bb59d74e415038e27512c3144a17b3baa19939301a934a8232102ae336dac406df6c65386082a126195d6f74cfcc554aee2fb35851ea4c4f2caf495
- SSDEEP
  
  786432:xwvnIe84yEZwcCUmeaeYzeyChA/tQ1/BJ754U/Hz4gQ7sCZzEECamVXH:xwvn7yBVea3zFCK/8J75RvzZ6EEgV3
Score

7^/10

bootkit discovery persistence
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2

bootkitdiscoverypersistence

© 2018-2024

Terms | Privacy