ede4c35b20f26e3468f7a6b1b6e7182d9adcb7d4713aad1b4e91866028e681b0 | Triage

Submit
Reports

Overview

overview

7

Static

static

7

ede4c35b20...b0.exe

windows7-x64

7

ede4c35b20...b0.exe

windows10-2004-x64

7

Sharing

General

Target

ede4c35b20f26e3468f7a6b1b6e7182d9adcb7d4713aad1b4e91866028e681b0
Size

2.8MB
Sample

240630-st4x4szdne
MD5

e5dcef6b17cf98f97f402cbc331b3f27
SHA1

39bc6c23eaa1ed9343d18d906f7b493237a69522
SHA256

ede4c35b20f26e3468f7a6b1b6e7182d9adcb7d4713aad1b4e91866028e681b0
SHA512

737d87b8d3a5323eaf6aa8c6ac999540c924ef5ac551f5b2d9945629954b68ccfd4a7f67c8ef8db6698f0f8c82694dc057a47fa7d78e8269bd9e5052718f22fe
SSDEEP

49152:tXUSrKkiq+MxZ3B8qYJquXlwiMf2ThF8/Oluwrj3NLT+6/FDrWeXulwLDA:tXU/3EBoJquXEeTDrjw8rWOuj

Score

7^/10

bootkit persistence upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

ede4c35b20f26e3468f7a6b1b6e7182d9adcb7d4713aad1b4e91866028e681b0.exe

Resource

win7-20240221-en

bootkit persistence upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

ede4c35b20f26e3468f7a6b1b6e7182d9adcb7d4713aad1b4e91866028e681b0.exe

Resource

win10v2004-20240508-en

bootkit persistence upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  ede4c35b20f26e3468f7a6b1b6e7182d9adcb7d4713aad1b4e91866028e681b0
- Size
  
  2.8MB
- MD5
  
  e5dcef6b17cf98f97f402cbc331b3f27
- SHA1
  
  39bc6c23eaa1ed9343d18d906f7b493237a69522
- SHA256
  
  ede4c35b20f26e3468f7a6b1b6e7182d9adcb7d4713aad1b4e91866028e681b0
- SHA512
  
  737d87b8d3a5323eaf6aa8c6ac999540c924ef5ac551f5b2d9945629954b68ccfd4a7f67c8ef8db6698f0f8c82694dc057a47fa7d78e8269bd9e5052718f22fe
- SSDEEP
  
  49152:tXUSrKkiq+MxZ3B8qYJquXlwiMf2ThF8/Oluwrj3NLT+6/FDrWeXulwLDA:tXU/3EBoJquXEeTDrjw8rWOuj
Score

7^/10

bootkit persistence upx
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

bootkitpersistenceupx

behavioral2

bootkitpersistenceupx

© 2018-2024

Terms | Privacy