d76d821710495686c404cd23de38da5776b2826d6814192e63198c8b1c7df68e | Triage

Submit
Reports

Overview

overview

7

Static

static

3

25c55b3375...d3.exe

windows7-x64

7

25c55b3375...d3.exe

windows10-2004-x64

7

Sharing

General

Target

25c55b3375e83d2468334b7b4a0890d3.bin
Size

43.5MB
Sample

240701-bqt53avfmm
MD5

25c55b3375e83d2468334b7b4a0890d3
SHA1

d8e901fe2d6adf9309aa8627306742baa4d0a38b
SHA256

d76d821710495686c404cd23de38da5776b2826d6814192e63198c8b1c7df68e
SHA512

ab311bebf707d359193423df2e3b216ce91c81cbab7a76fa2b4cfb4ef8256b5d66e29ba89c99009c035ee81d4dfc3be929584f38711a62e9e8fbbd83c6a4db1a
SSDEEP

786432:9wYnIe84d7m8/Mw5CaXv2S3IPlv5OqlICX1atGLJcez+yzqFqikJaaZRTdcH+wEj:9wYn7dX/uyv28Id5PlIQk0qeyOq8DrRv

Score

7^/10

bootkit discovery persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

25c55b3375e83d2468334b7b4a0890d3.exe

Resource

win7-20240508-en

bootkit discovery persistence

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

25c55b3375e83d2468334b7b4a0890d3.exe

Resource

win10v2004-20240508-en

bootkit discovery persistence

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  25c55b3375e83d2468334b7b4a0890d3.bin
- Size
  
  43.5MB
- MD5
  
  25c55b3375e83d2468334b7b4a0890d3
- SHA1
  
  d8e901fe2d6adf9309aa8627306742baa4d0a38b
- SHA256
  
  d76d821710495686c404cd23de38da5776b2826d6814192e63198c8b1c7df68e
- SHA512
  
  ab311bebf707d359193423df2e3b216ce91c81cbab7a76fa2b4cfb4ef8256b5d66e29ba89c99009c035ee81d4dfc3be929584f38711a62e9e8fbbd83c6a4db1a
- SSDEEP
  
  786432:9wYnIe84d7m8/Mw5CaXv2S3IPlv5OqlICX1atGLJcez+yzqFqikJaaZRTdcH+wEj:9wYn7dX/uyv28Id5PlIQk0qeyOq8DrRv
Score

7^/10

bootkit discovery persistence
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2

bootkitdiscoverypersistence

© 2018-2024

Terms | Privacy