Overview

overview

7

Static

static

7

RGSS200J.dll

windows7-x64

6

RGSS200J.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    RGSS200J.dll

  • Size

    786KB

  • Sample

    240630-qg5mrs1gqq

  • MD5

    cf4cd93b9bf908f6864d7aa9a1f063cc

  • SHA1

    1fe1f83cc97bd04066a94e832838f802ad1a6fe7

  • SHA256

    c0fc024497229a12425fb6d2196b234a7bab0119470f8a36bea602e0d4a14d56

  • SHA512

    9f56ad6dc351427a71a5d4350d18df8d64b80661d3166d1a5cf7c51f1d7471d1a54e1b93b255148963fd0c16e2d3307fafc0c041f166ea3b8d70a9112473b9d2

  • SSDEEP

    24576:rfV/i2zUQL8sITHgG0ssFDmIewysf7N8S8j7t7MP+h2b:r5i2zUo8xTHgGfsFDmrI2SzR

Score
7/10
aspackv2bootkitpersistence

Malware Config

Targets

    • Target

      RGSS200J.dll

    • Size

      786KB

    • MD5

      cf4cd93b9bf908f6864d7aa9a1f063cc

    • SHA1

      1fe1f83cc97bd04066a94e832838f802ad1a6fe7

    • SHA256

      c0fc024497229a12425fb6d2196b234a7bab0119470f8a36bea602e0d4a14d56

    • SHA512

      9f56ad6dc351427a71a5d4350d18df8d64b80661d3166d1a5cf7c51f1d7471d1a54e1b93b255148963fd0c16e2d3307fafc0c041f166ea3b8d70a9112473b9d2

    • SSDEEP

      24576:rfV/i2zUQL8sITHgG0ssFDmIewysf7N8S8j7t7MP+h2b:r5i2zUo8xTHgGfsFDmrI2SzR

    Score
    6/10
    bootkitpersistence

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Privilege Escalation

Defense Evasion

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks