e5f4bb4dab3d465b2fc919313b0631fbc540c50a5d62af3878efbad607601a8e | Triage

Sharing

General

Target

e5f4bb4dab3d465b2fc919313b0631fbc540c50a5d62af3878efbad607601a8e
Size

302KB
Sample

221030-xam8gafahl
MD5

823ede592dd1d0d7b564dd0bc45c119a
SHA1

36d17ae4de4b47f90b4288a785f02c60f021eaac
SHA256

e5f4bb4dab3d465b2fc919313b0631fbc540c50a5d62af3878efbad607601a8e
SHA512

5c391584a8d8a43a29444de3ea463ba3d5682017442c0e848cbbb43d8344aab0e2e565d19669e9577143d9881953819b5cdf3f7c3f9c93e8fbcf1d841fe86ee3
SSDEEP

6144:2zm01fxxOUCjMOc+WjRSCnVW5GJZ2tNYLj8MfsBB+2Anva:2y037VzYKj86s3+23

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  e5f4bb4dab3d465b2fc919313b0631fbc540c50a5d62af3878efbad607601a8e
- Size
  
  302KB
- MD5
  
  823ede592dd1d0d7b564dd0bc45c119a
- SHA1
  
  36d17ae4de4b47f90b4288a785f02c60f021eaac
- SHA256
  
  e5f4bb4dab3d465b2fc919313b0631fbc540c50a5d62af3878efbad607601a8e
- SHA512
  
  5c391584a8d8a43a29444de3ea463ba3d5682017442c0e848cbbb43d8344aab0e2e565d19669e9577143d9881953819b5cdf3f7c3f9c93e8fbcf1d841fe86ee3
- SSDEEP
  
  6144:2zm01fxxOUCjMOc+WjRSCnVW5GJZ2tNYLj8MfsBB+2Anva:2y037VzYKj86s3+23
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2