2ba78daac8275460bd4b103e2ff3f77b35ebfac9d4a1eaa75a733056ce821a09 | Triage

Sharing

General

Target

ytbot.rar_id17966281.exe
Size

1.3MB
Sample

220527-ewpz3sgfh9
MD5

849dde4fb5d0e5a7640ac54ce151b09c
SHA1

41fe50c1718b823adb128b413b147bc67ee6372e
SHA256

2ba78daac8275460bd4b103e2ff3f77b35ebfac9d4a1eaa75a733056ce821a09
SHA512

ba75428ae3f378fee344426cc5d9364b1826f2233640778afc6d61320167ec8aee70f84aa037085699d2b263305114c49e2083b162dbc6e706310fa91d9ef48b

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  ytbot.rar_id17966281.exe
- Size
  
  1.3MB
- MD5
  
  849dde4fb5d0e5a7640ac54ce151b09c
- SHA1
  
  41fe50c1718b823adb128b413b147bc67ee6372e
- SHA256
  
  2ba78daac8275460bd4b103e2ff3f77b35ebfac9d4a1eaa75a733056ce821a09
- SHA512
  
  ba75428ae3f378fee344426cc5d9364b1826f2233640778afc6d61320167ec8aee70f84aa037085699d2b263305114c49e2083b162dbc6e706310fa91d9ef48b
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence