5539897cb4fad82316a3053abe70ca1ec47e55d6f5a0c741d7e513e8dffeb57c | Triage

Submit
Reports

Overview

overview

7

Static

static

3

e7fd882038...cc.exe

windows7-x64

7

e7fd882038...cc.exe

windows10-2004-x64

7

Sharing

General

Target

e7fd882038bd488e4efd7b8caaa49bcc.bin
Size

41.9MB
Sample

240701-ehl19svhrb
MD5

e7fd882038bd488e4efd7b8caaa49bcc
SHA1

f30f6c5daf7cf4fa260496702016e8648cac913a
SHA256

5539897cb4fad82316a3053abe70ca1ec47e55d6f5a0c741d7e513e8dffeb57c
SHA512

01f2c8a3eaa9aa118aacfd549c5d66d950825c6fc49629b1bf8b3cabdb347662a1459e64c775d2d36c19bc529dc657a35062d9f624c6d3a432e09fa682ad3266
SSDEEP

786432:9wYnIe84d7m8/Mw5CaXv2S3IPlv5OqlICX1atGLJcez+yzqFqikJaaZRTdn:9wYn7dX/uyv28Id5PlIQk0qeyOq8DrRt

Score

7^/10

bootkit discovery persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

e7fd882038bd488e4efd7b8caaa49bcc.exe

Resource

win7-20240221-en

bootkit discovery persistence

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

e7fd882038bd488e4efd7b8caaa49bcc.exe

Resource

win10v2004-20240508-en

bootkit discovery persistence

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  e7fd882038bd488e4efd7b8caaa49bcc.bin
- Size
  
  41.9MB
- MD5
  
  e7fd882038bd488e4efd7b8caaa49bcc
- SHA1
  
  f30f6c5daf7cf4fa260496702016e8648cac913a
- SHA256
  
  5539897cb4fad82316a3053abe70ca1ec47e55d6f5a0c741d7e513e8dffeb57c
- SHA512
  
  01f2c8a3eaa9aa118aacfd549c5d66d950825c6fc49629b1bf8b3cabdb347662a1459e64c775d2d36c19bc529dc657a35062d9f624c6d3a432e09fa682ad3266
- SSDEEP
  
  786432:9wYnIe84d7m8/Mw5CaXv2S3IPlv5OqlICX1atGLJcez+yzqFqikJaaZRTdn:9wYn7dX/uyv28Id5PlIQk0qeyOq8DrRt
Score

7^/10

bootkit discovery persistence
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2

bootkitdiscoverypersistence

© 2018-2024

Terms | Privacy