760197e18380172db0b33a3335bd45fa5ff077fc3201db4da6b137d1bbd96b87 | Triage

Sharing

General

Target

760197e18380172db0b33a3335bd45fa5ff077fc3201db4da6b137d1bbd96b87
Size

640KB
Sample

221002-l4zmtabhep
MD5

65eca2b95c589d6f0bc36afa4e932bbc
SHA1

326abb986f87f3ab5a89c206f2a5fe2bb0e4efce
SHA256

760197e18380172db0b33a3335bd45fa5ff077fc3201db4da6b137d1bbd96b87
SHA512

dcc4dbfa1d9bd2de749fdad38407217c7bf9e7cb2d6a0682d57628566f34c008e49259e9dcd82066f891008c71373d86ebfd5bd084f06c51dce552d84dbf447f
SSDEEP

12288:pYTACouoxfilVzYKj86sZ4JySsy3VesuOdVAy3oCvC1i+5qGHSCGhJdkVWaK:pYTACSfilpYO5bBeCXT3oCvC1H5LSPhR

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  760197e18380172db0b33a3335bd45fa5ff077fc3201db4da6b137d1bbd96b87
- Size
  
  640KB
- MD5
  
  65eca2b95c589d6f0bc36afa4e932bbc
- SHA1
  
  326abb986f87f3ab5a89c206f2a5fe2bb0e4efce
- SHA256
  
  760197e18380172db0b33a3335bd45fa5ff077fc3201db4da6b137d1bbd96b87
- SHA512
  
  dcc4dbfa1d9bd2de749fdad38407217c7bf9e7cb2d6a0682d57628566f34c008e49259e9dcd82066f891008c71373d86ebfd5bd084f06c51dce552d84dbf447f
- SSDEEP
  
  12288:pYTACouoxfilVzYKj86sZ4JySsy3VesuOdVAy3oCvC1i+5qGHSCGhJdkVWaK:pYTACSfilpYO5bBeCXT3oCvC1H5LSPhR
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2