612b5d071b699d63d5ba5c4838e460f318795f459d5cd3b9b6566c2e966411ed | Triage

Sharing

Copy URL Twitter E-mail

General

Target

612b5d071b699d63d5ba5c4838e460f318795f459d5cd3b9b6566c2e966411ed
Size

3.7MB
Sample

221002-dvzbpafcb9
MD5

4ef1576d3bf3388875d062efa805cb79
SHA1

758734b326fcc30d18cb5dcec55dcc00f5dce34f
SHA256

612b5d071b699d63d5ba5c4838e460f318795f459d5cd3b9b6566c2e966411ed
SHA512

bcbe870931239db22d894ff9c88e711884affc22d0cf1108f8bf88256d7d39ce051eca088edaf51f01ce666830b3fe813599b2c4ce2f5a7d299a50b492b287e1
SSDEEP

49152:JaggQqi4eh17/ZNvVfqNDDkxOc/wAi6trrpFmyTFGzAA6K9ys2oAyc9eV:kggQqi1j7zv1Uk8c/w1mlT8zXkT8

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  612b5d071b699d63d5ba5c4838e460f318795f459d5cd3b9b6566c2e966411ed
- Size
  
  3.7MB
- MD5
  
  4ef1576d3bf3388875d062efa805cb79
- SHA1
  
  758734b326fcc30d18cb5dcec55dcc00f5dce34f
- SHA256
  
  612b5d071b699d63d5ba5c4838e460f318795f459d5cd3b9b6566c2e966411ed
- SHA512
  
  bcbe870931239db22d894ff9c88e711884affc22d0cf1108f8bf88256d7d39ce051eca088edaf51f01ce666830b3fe813599b2c4ce2f5a7d299a50b492b287e1
- SSDEEP
  
  49152:JaggQqi4eh17/ZNvVfqNDDkxOc/wAi6trrpFmyTFGzAA6K9ys2oAyc9eV:kggQqi1j7zv1Uk8c/w1mlT8zXkT8
Score

6^/10

bootkit persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2