ba16dee640239b0cc16d2bf11a28971b79f0418de4d8e922bdc52ab5f1af0e74 | Triage

Submit
Reports

Overview

overview

6

Static

static

3

ba16dee640...74.exe

windows7-x64

6

ba16dee640...74.exe

windows10-2004-x64

6

Sharing

General

Target

ba16dee640239b0cc16d2bf11a28971b79f0418de4d8e922bdc52ab5f1af0e74
Size

2.5MB
Sample

240701-f2zxxaxdjh
MD5

ee64bd09e57c2a36b8e356d96591fb44
SHA1

9b4829be60dc7143d2d55c9a872ee6009de2ce08
SHA256

ba16dee640239b0cc16d2bf11a28971b79f0418de4d8e922bdc52ab5f1af0e74
SHA512

7a7be996caa61337046dfda601d8496073efa3ca55e622b934d1b1b2532c8887744e69270587e164e71d74ea23a12d18440ae4944691fa146d166abd5b5c932b
SSDEEP

49152:6xyuN3TiRnynwZMmERKwHSHQX6Na2KjaPpFFDR9puZOv4X:6MfyyMmmKwywqNaZjo

Score

6^/10

bootkit persistence

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ba16dee640239b0cc16d2bf11a28971b79f0418de4d8e922bdc52ab5f1af0e74.exe

Resource

win7-20240508-en

bootkit persistence

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

ba16dee640239b0cc16d2bf11a28971b79f0418de4d8e922bdc52ab5f1af0e74.exe

Resource

win10v2004-20240508-en

bootkit persistence

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  ba16dee640239b0cc16d2bf11a28971b79f0418de4d8e922bdc52ab5f1af0e74
- Size
  
  2.5MB
- MD5
  
  ee64bd09e57c2a36b8e356d96591fb44
- SHA1
  
  9b4829be60dc7143d2d55c9a872ee6009de2ce08
- SHA256
  
  ba16dee640239b0cc16d2bf11a28971b79f0418de4d8e922bdc52ab5f1af0e74
- SHA512
  
  7a7be996caa61337046dfda601d8496073efa3ca55e622b934d1b1b2532c8887744e69270587e164e71d74ea23a12d18440ae4944691fa146d166abd5b5c932b
- SSDEEP
  
  49152:6xyuN3TiRnynwZMmERKwHSHQX6Na2KjaPpFFDR9puZOv4X:6MfyyMmmKwywqNaZjo
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence

© 2018-2024

Terms | Privacy