974a20e3681cbedd1674c4fadacf1481e6e7f1985f69589caf37313464fa1a19 | Triage

Sharing

General

Target

974a20e3681cbedd1674c4fadacf1481e6e7f1985f69589caf37313464fa1a19
Size

216KB
Sample

220520-e42nvacger
MD5

3b23e12bff983d52dbca22c700e9338a
SHA1

52dcde5bc8934ab70b76a21f6a559626129834c6
SHA256

974a20e3681cbedd1674c4fadacf1481e6e7f1985f69589caf37313464fa1a19
SHA512

991fd833b1a3363680fa35cf709c39a9bce426d6e6e0d0453b7fe263a5b0f2174f9eacdc8e03d468c6001e2b25f4eb1a27b391fcb05ad0237d6cab6397740426

Score

8^/10

bootkit persistence

Malware Config

Targets

- Target
  
  974a20e3681cbedd1674c4fadacf1481e6e7f1985f69589caf37313464fa1a19
- Size
  
  216KB
- MD5
  
  3b23e12bff983d52dbca22c700e9338a
- SHA1
  
  52dcde5bc8934ab70b76a21f6a559626129834c6
- SHA256
  
  974a20e3681cbedd1674c4fadacf1481e6e7f1985f69589caf37313464fa1a19
- SHA512
  
  991fd833b1a3363680fa35cf709c39a9bce426d6e6e0d0453b7fe263a5b0f2174f9eacdc8e03d468c6001e2b25f4eb1a27b391fcb05ad0237d6cab6397740426
Score

8^/10

bootkit persistence
- Executes dropped EXE
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence