c14ee4f1e06946f64232129871aaa5dcdcf7128a2eb4672c9b30b96a8726b431 | Triage

Sharing

General

Target

c14ee4f1e06946f64232129871aaa5dcdcf7128a2eb4672c9b30b96a8726b431
Size

1.3MB
Sample

220524-xel6zahedj
MD5

d41f529fba6738e153cfe3e127aeb235
SHA1

4e86b14c66f8ddc363ad437e1bfa3e5c2bde9a10
SHA256

c14ee4f1e06946f64232129871aaa5dcdcf7128a2eb4672c9b30b96a8726b431
SHA512

318ce2c3fb880348a2ddefa07d7c7b628609ef6342da66d0456bea392865c9d2318060a96218b32380708a2260882b2922875b00e4927c45735ad6feaf9d856b

Score

8^/10

bootkit persistence

Malware Config

Targets

- Target
  
  c14ee4f1e06946f64232129871aaa5dcdcf7128a2eb4672c9b30b96a8726b431
- Size
  
  1.3MB
- MD5
  
  d41f529fba6738e153cfe3e127aeb235
- SHA1
  
  4e86b14c66f8ddc363ad437e1bfa3e5c2bde9a10
- SHA256
  
  c14ee4f1e06946f64232129871aaa5dcdcf7128a2eb4672c9b30b96a8726b431
- SHA512
  
  318ce2c3fb880348a2ddefa07d7c7b628609ef6342da66d0456bea392865c9d2318060a96218b32380708a2260882b2922875b00e4927c45735ad6feaf9d856b
Score

8^/10

bootkit persistence
- Executes dropped EXE
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence