9e7a415a73970f78bf50e682c8a34632a5a809011131d27482781201a70a1ad1 | Triage

Sharing

General

Target

9e7a415a73970f78bf50e682c8a34632a5a809011131d27482781201a70a1ad1
Size

9.5MB
Sample

221123-z6w7cshf6x
MD5

3867ae2728ec7bba412f1a32228f9aff
SHA1

f3e10e156789fa8b854c1bfa86b510efdf9bd3ed
SHA256

9e7a415a73970f78bf50e682c8a34632a5a809011131d27482781201a70a1ad1
SHA512

1e9169901b6f8454080b2b6d16583d2932e246ab681d9ebe8ef4f941a7f73c9a43f77b192ddc9ea7e7d7e84b1a66780e9118349e9b217def262125b2067b1513
SSDEEP

196608:1rgJGjqMEnMgvs/s7veVyDXH9jK9rZteEGPpsE3QcrmKqsL9ciHslv1XGzooDzJ:eJJMUMgveszeVgtWB2EqpsE3Jr4sLGKl

Score

9^/10

bootkit persistence

Malware Config

Targets

- Target
  
  9e7a415a73970f78bf50e682c8a34632a5a809011131d27482781201a70a1ad1
- Size
  
  9.5MB
- MD5
  
  3867ae2728ec7bba412f1a32228f9aff
- SHA1
  
  f3e10e156789fa8b854c1bfa86b510efdf9bd3ed
- SHA256
  
  9e7a415a73970f78bf50e682c8a34632a5a809011131d27482781201a70a1ad1
- SHA512
  
  1e9169901b6f8454080b2b6d16583d2932e246ab681d9ebe8ef4f941a7f73c9a43f77b192ddc9ea7e7d7e84b1a66780e9118349e9b217def262125b2067b1513
- SSDEEP
  
  196608:1rgJGjqMEnMgvs/s7veVyDXH9jK9rZteEGPpsE3QcrmKqsL9ciHslv1XGzooDzJ:eJJMUMgveszeVgtWB2EqpsE3Jr4sLGKl
Score

9^/10

bootkit persistence
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence