f09ea5b5f700dae6435a0888d51e6abb4977ad980432d8425c05bf11e2362615 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f09ea5b5f700dae6435a0888d51e6abb4977ad980432d8425c05bf11e2362615
Size

237KB
Sample

221003-gax5nsbchl
MD5

64b3ec0f67be0a32bd1cfe98908b1c90
SHA1

5150bdb5e22b14805e3403ea81d9c6f256cf686d
SHA256

f09ea5b5f700dae6435a0888d51e6abb4977ad980432d8425c05bf11e2362615
SHA512

1a2ddd692a3dff1cead159a6ce03b34c6bbb77e476c79764a2feba34253f779274476d792d7e28cb1def815a51db7d74e120dfb9c1a2ecadb072d1254b7a13a4
SSDEEP

6144:K3kOMeaavF17EP6qyqsKKYL8NdKJqL1pI:aBMeT17zJpYadL1pI

Score

8^/10

bootkit persistence upx

Malware Config

Targets

- Target
  
  f09ea5b5f700dae6435a0888d51e6abb4977ad980432d8425c05bf11e2362615
- Size
  
  237KB
- MD5
  
  64b3ec0f67be0a32bd1cfe98908b1c90
- SHA1
  
  5150bdb5e22b14805e3403ea81d9c6f256cf686d
- SHA256
  
  f09ea5b5f700dae6435a0888d51e6abb4977ad980432d8425c05bf11e2362615
- SHA512
  
  1a2ddd692a3dff1cead159a6ce03b34c6bbb77e476c79764a2feba34253f779274476d792d7e28cb1def815a51db7d74e120dfb9c1a2ecadb072d1254b7a13a4
- SSDEEP
  
  6144:K3kOMeaavF17EP6qyqsKKYL8NdKJqL1pI:aBMeT17zJpYadL1pI
Score

8^/10

bootkit persistence upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistenceupx

behavioral2

bootkitpersistenceupx