018eb3894f7c2e9a51c97ebb23fd7e05b2ce6e73eb22977484757c452cc40de7 | Triage

Sharing

General

Target

018eb3894f7c2e9a51c97ebb23fd7e05b2ce6e73eb22977484757c452cc40de7
Size

341KB
Sample

220523-xthr4aceh7
MD5

4c29b2d5000284111a55d53ee169b083
SHA1

7702bef4c838c764232974fe662f04750f950113
SHA256

018eb3894f7c2e9a51c97ebb23fd7e05b2ce6e73eb22977484757c452cc40de7
SHA512

ccdff7c22fdc18c1a7a8d568626fbd8a6daa01f31ab2fc87c3f1ae93564bbf0bf88d1d9af5d6ef44bf19df2c9af89b6e555082412745818c5843803dcd28b689

Score

8^/10

bootkit persistence upx

Malware Config

Targets

- Target
  
  018eb3894f7c2e9a51c97ebb23fd7e05b2ce6e73eb22977484757c452cc40de7
- Size
  
  341KB
- MD5
  
  4c29b2d5000284111a55d53ee169b083
- SHA1
  
  7702bef4c838c764232974fe662f04750f950113
- SHA256
  
  018eb3894f7c2e9a51c97ebb23fd7e05b2ce6e73eb22977484757c452cc40de7
- SHA512
  
  ccdff7c22fdc18c1a7a8d568626fbd8a6daa01f31ab2fc87c3f1ae93564bbf0bf88d1d9af5d6ef44bf19df2c9af89b6e555082412745818c5843803dcd28b689
Score

6^/10

bootkit persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence