a0466b3f604673734971265fe4e2e9d7c864d853d4052ee7335f7f676d33e8c6 | Triage

Sharing

General

Target

a0466b3f604673734971265fe4e2e9d7c864d853d4052ee7335f7f676d33e8c6
Size

85KB
Sample

221028-3hlbqsccgq
MD5

c57e3344cf217b53c9dc8599796b8ace
SHA1

bc8e066fa65ace562b8b5aee4099a7d224bd748c
SHA256

a0466b3f604673734971265fe4e2e9d7c864d853d4052ee7335f7f676d33e8c6
SHA512

4d48cdb15325a89f543e48169218f645602b50e943bab101f818ae35d28fdc7fafd59e01a669f8b1225ab7f9179affffe0a9dab23d0d991a438dd06bd35d4219
SSDEEP

1536:GULHfxvxY3dHBG6beulFsVESLtUUhYZAN29viFK3iVq08qScb:GsppYHG6beuiPzFNFciVq0h7b

Score

8^/10

bootkit persistence

Malware Config

Targets

- Target
  
  a0466b3f604673734971265fe4e2e9d7c864d853d4052ee7335f7f676d33e8c6
- Size
  
  85KB
- MD5
  
  c57e3344cf217b53c9dc8599796b8ace
- SHA1
  
  bc8e066fa65ace562b8b5aee4099a7d224bd748c
- SHA256
  
  a0466b3f604673734971265fe4e2e9d7c864d853d4052ee7335f7f676d33e8c6
- SHA512
  
  4d48cdb15325a89f543e48169218f645602b50e943bab101f818ae35d28fdc7fafd59e01a669f8b1225ab7f9179affffe0a9dab23d0d991a438dd06bd35d4219
- SSDEEP
  
  1536:GULHfxvxY3dHBG6beulFsVESLtUUhYZAN29viFK3iVq08qScb:GsppYHG6beuiPzFNFciVq0h7b
Score

8^/10

bootkit persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Remote System Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2