6b17d4914b225ecceea6b2af8f1571da12c09e7434af37f025fba6076fcf1565 | Triage

Sharing

General

Target

6b17d4914b225ecceea6b2af8f1571da12c09e7434af37f025fba6076fcf1565
Size

3.6MB
Sample

220524-xazw9shcgn
MD5

9ecc50f5d5bac02c24a7e2deeb4a21a7
SHA1

e63b36ed4e21ca374cdb9092e5c1d7b515ba2e2f
SHA256

6b17d4914b225ecceea6b2af8f1571da12c09e7434af37f025fba6076fcf1565
SHA512

6d59630b340c368d21ce3d92473000615d22d2989a777afdab1b439a809f14e9a926489e10d584331c1d464c1b59335de2e3c4692a355238066986f47e2a6fd4

Score

8^/10

bootkit persistence

Malware Config

Targets

- Target
  
  6b17d4914b225ecceea6b2af8f1571da12c09e7434af37f025fba6076fcf1565
- Size
  
  3.6MB
- MD5
  
  9ecc50f5d5bac02c24a7e2deeb4a21a7
- SHA1
  
  e63b36ed4e21ca374cdb9092e5c1d7b515ba2e2f
- SHA256
  
  6b17d4914b225ecceea6b2af8f1571da12c09e7434af37f025fba6076fcf1565
- SHA512
  
  6d59630b340c368d21ce3d92473000615d22d2989a777afdab1b439a809f14e9a926489e10d584331c1d464c1b59335de2e3c4692a355238066986f47e2a6fd4
Score

8^/10

bootkit persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Bootkit

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence