00b5c0051cd1fcdd7b5aaba21d95aa282c00f26019a89cdd6cb2e65dee5fd8a4 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

59dcb76a3a...a7.exe

windows7-x64

7

59dcb76a3a...a7.exe

windows10-2004-x64

7

Sharing

General

Target

59dcb76a3a709c922dee44599804fea7.bin
Size

43.5MB
Sample

240701-cc3qqawdjl
MD5

59dcb76a3a709c922dee44599804fea7
SHA1

973aff7f4e3c61cd6d97a0a68376c669569edd54
SHA256

00b5c0051cd1fcdd7b5aaba21d95aa282c00f26019a89cdd6cb2e65dee5fd8a4
SHA512

dde390724de673c5a3bcaf8fd57a55d675d66216fe91c4914737d662d3d1f8f965709d050b03ccfda0df195c708bf248fed6e853de34dd05ce8dc1f8425e4b68
SSDEEP

786432:9wYnIe84d7m8/Mw5CaXv2S3IPlv5OqlICX1atGLJcez+yzqFqikJaaZRTdcH+wEu:9wYn7dX/uyv28Id5PlIQk0qeyOq8DrRC

Score

7^/10

bootkit discovery persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

59dcb76a3a709c922dee44599804fea7.exe

Resource

win7-20231129-en

bootkit discovery persistence

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

59dcb76a3a709c922dee44599804fea7.exe

Resource

win10v2004-20240226-en

bootkit discovery persistence

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  59dcb76a3a709c922dee44599804fea7.bin
- Size
  
  43.5MB
- MD5
  
  59dcb76a3a709c922dee44599804fea7
- SHA1
  
  973aff7f4e3c61cd6d97a0a68376c669569edd54
- SHA256
  
  00b5c0051cd1fcdd7b5aaba21d95aa282c00f26019a89cdd6cb2e65dee5fd8a4
- SHA512
  
  dde390724de673c5a3bcaf8fd57a55d675d66216fe91c4914737d662d3d1f8f965709d050b03ccfda0df195c708bf248fed6e853de34dd05ce8dc1f8425e4b68
- SSDEEP
  
  786432:9wYnIe84d7m8/Mw5CaXv2S3IPlv5OqlICX1atGLJcez+yzqFqikJaaZRTdcH+wEu:9wYn7dX/uyv28Id5PlIQk0qeyOq8DrRC
Score

7^/10

bootkit discovery persistence
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2

bootkitdiscoverypersistence

© 2018-2024

Terms | Privacy