Overview

overview

8

Static

static

1

sample.html

windows11-21h2-x64

Resubmissions

01-07-2024 08:06

240701-jzt6estfnk 10

01-07-2024 07:58

240701-jtyawszfnf 8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    sample

  • Size

    491KB

  • Sample

    240701-jtyawszfnf

  • MD5

    a9be6fcebb5e22c8f5e0fb79f6e8f1f6

  • SHA1

    72083cb2d34dcdf734c4878907eee72497597131

  • SHA256

    0dda8ff5aa00f1b131c18ebaa3ecbf0689e106f382ad305542dd5297648513f0

  • SHA512

    0ada6be8dbd4e538ea69f8b507ed376cbd7038af344b08ac0ce846bdd366a3ef9e6f9df1ec6cfdfab13808faf19fb3d8d32ed9242ffad727d24768e50884b23e

  • SSDEEP

    6144:SDEYAYSAY0AY3AYeAYPAYPAYbAYaAYyAYT9bD:SrA7AXA4AfAgA8A+ALABA4bD

Score
8/10
bootkitpersistenceupx

Malware Config

Targets

    • Target

      sample

    • Size

      491KB

    • MD5

      a9be6fcebb5e22c8f5e0fb79f6e8f1f6

    • SHA1

      72083cb2d34dcdf734c4878907eee72497597131

    • SHA256

      0dda8ff5aa00f1b131c18ebaa3ecbf0689e106f382ad305542dd5297648513f0

    • SHA512

      0ada6be8dbd4e538ea69f8b507ed376cbd7038af344b08ac0ce846bdd366a3ef9e6f9df1ec6cfdfab13808faf19fb3d8d32ed9242ffad727d24768e50884b23e

    • SSDEEP

      6144:SDEYAYSAY0AY3AYeAYPAYPAYbAYaAYyAYT9bD:SrA7AXA4AfAgA8A+ALABA4bD

    Score
    8/10
    bootkitpersistenceupx

    • Downloads MZ/PE file

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Legitimate hosting services abused for malware hosting/C2

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Privilege Escalation

Defense Evasion

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Resource Development

Reconnaissance

Tasks