abdbc63553d9be8c1d8d08e085267563e7de5f7e88d456c9c4439cf068872184 | Triage

Sharing

General

Target

abdbc63553d9be8c1d8d08e085267563e7de5f7e88d456c9c4439cf068872184
Size

368KB
Sample

221123-l168gscg82
MD5

3ac14754164e96a2c7b4a9b23fcaa466
SHA1

da795ab5790579a31eb06cb134a96cef0919592a
SHA256

abdbc63553d9be8c1d8d08e085267563e7de5f7e88d456c9c4439cf068872184
SHA512

5b5f48998857ecbc0d92e73ced5d9d1b1040079558e4e4f83aed3db610e4b013e9674cfc369f45f38108079d09a306ce346c05fb82b8e5ff53da8b4e6c753762
SSDEEP

6144:c4MZkBFMNkph/8C05sXTzDb3I+sLWc1X/2uqmvg5zUTzIdgV8zg3:ZXD3mKbELWc0KPzELzQ

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  abdbc63553d9be8c1d8d08e085267563e7de5f7e88d456c9c4439cf068872184
- Size
  
  368KB
- MD5
  
  3ac14754164e96a2c7b4a9b23fcaa466
- SHA1
  
  da795ab5790579a31eb06cb134a96cef0919592a
- SHA256
  
  abdbc63553d9be8c1d8d08e085267563e7de5f7e88d456c9c4439cf068872184
- SHA512
  
  5b5f48998857ecbc0d92e73ced5d9d1b1040079558e4e4f83aed3db610e4b013e9674cfc369f45f38108079d09a306ce346c05fb82b8e5ff53da8b4e6c753762
- SSDEEP
  
  6144:c4MZkBFMNkph/8C05sXTzDb3I+sLWc1X/2uqmvg5zUTzIdgV8zg3:ZXD3mKbELWc0KPzELzQ
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence