01469776924091f125e2d55aea94f5f48b4e0f32200175451a3991a99287d19e | Triage

Sharing

General

Target

01469776924091f125e2d55aea94f5f48b4e0f32200175451a3991a99287d19e
Size

247KB
Sample

220523-zehjwsagbn
MD5

d1ada8c49c8e8b5fe935b8fbca4e8bde
SHA1

408ad8e3b2a2c51a88a65b2aade3a1274d3cd019
SHA256

01469776924091f125e2d55aea94f5f48b4e0f32200175451a3991a99287d19e
SHA512

9b76dbfd413b37e0d82f836deef97deb63a38cf118cfddbe4867d772e93c4b1b5f4d7c57f0bb501423c03a83365b895ec8758499955a23a327bd43bcfd585d99

Score

10^/10

bootkit persistence suricata upx

Malware Config

Targets

- Target
  
  01469776924091f125e2d55aea94f5f48b4e0f32200175451a3991a99287d19e
- Size
  
  247KB
- MD5
  
  d1ada8c49c8e8b5fe935b8fbca4e8bde
- SHA1
  
  408ad8e3b2a2c51a88a65b2aade3a1274d3cd019
- SHA256
  
  01469776924091f125e2d55aea94f5f48b4e0f32200175451a3991a99287d19e
- SHA512
  
  9b76dbfd413b37e0d82f836deef97deb63a38cf118cfddbe4867d772e93c4b1b5f4d7c57f0bb501423c03a83365b895ec8758499955a23a327bd43bcfd585d99
Score

10^/10

bootkit persistence suricata
- suricata: ET MALWARE Suspicious User-Agent (GenericHttp/VER_STR_COMMA)
  suricata: ET MALWARE Suspicious User-Agent (GenericHttp/VER_STR_COMMA)
  suricata
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

bootkitpersistencesuricata

behavioral2

bootkitpersistencesuricata