969609b66b8083c5b0d54c3dfad98c20b8d0668ec995a117a625caaa3a4657c8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

969609b66b8083c5b0d54c3dfad98c20b8d0668ec995a117a625caaa3a4657c8
Size

100KB
Sample

221002-sezpvabfh4
MD5

645168f1c074b6688af3b1b1921a9186
SHA1

9b56f6645f893847b81ab4a3c605b1a62aa84f17
SHA256

969609b66b8083c5b0d54c3dfad98c20b8d0668ec995a117a625caaa3a4657c8
SHA512

0a198d6ab8df2840f045a415227e817295d0244dcee3a31b8583603b3e2f69bc4cd6f22c0e4bc12317c8949b712d3906f4d521c280947ea17e873dce5257ce7d
SSDEEP

3072:IxSxgggcQqnf8BhGMp22s4edkWGqzjTA:IdgR8Byn1Gqz

Score

6^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  969609b66b8083c5b0d54c3dfad98c20b8d0668ec995a117a625caaa3a4657c8
- Size
  
  100KB
- MD5
  
  645168f1c074b6688af3b1b1921a9186
- SHA1
  
  9b56f6645f893847b81ab4a3c605b1a62aa84f17
- SHA256
  
  969609b66b8083c5b0d54c3dfad98c20b8d0668ec995a117a625caaa3a4657c8
- SHA512
  
  0a198d6ab8df2840f045a415227e817295d0244dcee3a31b8583603b3e2f69bc4cd6f22c0e4bc12317c8949b712d3906f4d521c280947ea17e873dce5257ce7d
- SSDEEP
  
  3072:IxSxgggcQqnf8BhGMp22s4edkWGqzjTA:IdgR8Byn1Gqz
Score

6^/10

bootkit discovery persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2