ad91d4f5be9178df7b570e6db5a8d1fded1a95e843b30be108ed821b33504b33 | Triage

Sharing

General

Target

ad91d4f5be9178df7b570e6db5a8d1fded1a95e843b30be108ed821b33504b33
Size

10KB
Sample

221123-ltke5sff8y
MD5

f6ec322450da7ee7f89092d4f7fb370a
SHA1

50792442361e3fd992f17361cb1611ced431aad5
SHA256

ad91d4f5be9178df7b570e6db5a8d1fded1a95e843b30be108ed821b33504b33
SHA512

edf1d87789957597355c46c6343e9718eae70d2b073d5a6ddef4c610007e297aaac877d17a13730f1d8ebc4e1b17d84c9bc2e546d99bb30e63e402bdfef64955
SSDEEP

192:3rqvqucLm8WrcchKMqiJQjwPRn4sU9Vw:3rUqbOPhKMqkPws

Score

8^/10

bootkit persistence

Malware Config

Targets

- Target
  
  ad91d4f5be9178df7b570e6db5a8d1fded1a95e843b30be108ed821b33504b33
- Size
  
  10KB
- MD5
  
  f6ec322450da7ee7f89092d4f7fb370a
- SHA1
  
  50792442361e3fd992f17361cb1611ced431aad5
- SHA256
  
  ad91d4f5be9178df7b570e6db5a8d1fded1a95e843b30be108ed821b33504b33
- SHA512
  
  edf1d87789957597355c46c6343e9718eae70d2b073d5a6ddef4c610007e297aaac877d17a13730f1d8ebc4e1b17d84c9bc2e546d99bb30e63e402bdfef64955
- SSDEEP
  
  192:3rqvqucLm8WrcchKMqiJQjwPRn4sU9Vw:3rUqbOPhKMqkPws
Score

8^/10

bootkit persistence
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence