08d2c14fc5c0bb9e3b0c6c23203fe6468fb3a6711c14f168efde2f702deb323b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

08d2c14fc5c0bb9e3b0c6c23203fe6468fb3a6711c14f168efde2f702deb323b
Size

364KB
Sample

221107-rq3p7sbdh8
MD5

0f4e5e368641f09f07fb9c6fb2d5e296
SHA1

52c30ca76410297443e17de76e408c3c716ef501
SHA256

08d2c14fc5c0bb9e3b0c6c23203fe6468fb3a6711c14f168efde2f702deb323b
SHA512

c6f8a0b21b68ba933ce4940bb328c0a29f512a3eee8f406f7475323a74f7956ebee898b8240b21f392741d6f2b9a6ed53a5934ae586ddb2d840b52a4c16e551a
SSDEEP

6144:DAE+fvSvQsm5geuomlm05Ui5KSFdu73oHTQ1Gqz:DAE+Fsm5kPgd+4wkH

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  08d2c14fc5c0bb9e3b0c6c23203fe6468fb3a6711c14f168efde2f702deb323b
- Size
  
  364KB
- MD5
  
  0f4e5e368641f09f07fb9c6fb2d5e296
- SHA1
  
  52c30ca76410297443e17de76e408c3c716ef501
- SHA256
  
  08d2c14fc5c0bb9e3b0c6c23203fe6468fb3a6711c14f168efde2f702deb323b
- SHA512
  
  c6f8a0b21b68ba933ce4940bb328c0a29f512a3eee8f406f7475323a74f7956ebee898b8240b21f392741d6f2b9a6ed53a5934ae586ddb2d840b52a4c16e551a
- SSDEEP
  
  6144:DAE+fvSvQsm5geuomlm05Ui5KSFdu73oHTQ1Gqz:DAE+Fsm5kPgd+4wkH
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence