e2b7c82687fd002adc62ade7347c746cd94d27c75e6feb09e7048938df23fdcd | Triage

Sharing

General

Target

e2b7c82687fd002adc62ade7347c746cd94d27c75e6feb09e7048938df23fdcd
Size

172KB
Sample

221123-p37htaga2w
MD5

b2c64a2391071f43e7c4b0d1b358d6c0
SHA1

6d17bcacc1300128c5d4ef9c7edb9d031e08e0cb
SHA256

e2b7c82687fd002adc62ade7347c746cd94d27c75e6feb09e7048938df23fdcd
SHA512

7a7c0e294b18c3b5691f65897ebbe3ad1f2d04636919fdbf5ec9f05ef07b805d8782cd1299c99f91e1ae4801b1728861963c782dc9945fa67a56b46888de8573
SSDEEP

3072:IdPlsp4I5XTFNdfnCbQJ2/CATMxQ+LVmUFUZWV0Vicc7TPuie6n:8Pg4IxFNhrJrHVmoV0Bc7TPu2n

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  e2b7c82687fd002adc62ade7347c746cd94d27c75e6feb09e7048938df23fdcd
- Size
  
  172KB
- MD5
  
  b2c64a2391071f43e7c4b0d1b358d6c0
- SHA1
  
  6d17bcacc1300128c5d4ef9c7edb9d031e08e0cb
- SHA256
  
  e2b7c82687fd002adc62ade7347c746cd94d27c75e6feb09e7048938df23fdcd
- SHA512
  
  7a7c0e294b18c3b5691f65897ebbe3ad1f2d04636919fdbf5ec9f05ef07b805d8782cd1299c99f91e1ae4801b1728861963c782dc9945fa67a56b46888de8573
- SSDEEP
  
  3072:IdPlsp4I5XTFNdfnCbQJ2/CATMxQ+LVmUFUZWV0Vicc7TPuie6n:8Pg4IxFNhrJrHVmoV0Bc7TPu2n
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence