1dad7ac4eac540aec99a38e68fcb07ebbb29605eef7bb2d7c33616181bf38c0f | Triage

Sharing

General

Target

1dad7ac4eac540aec99a38e68fcb07ebbb29605eef7bb2d7c33616181bf38c0f
Size

7.2MB
Sample

221123-z71aeahg3s
MD5

8c029d3b5e0a89fff1ff6431ab3a0645
SHA1

acd9e6f6d923f361f3c1e629067ccc0350a3703c
SHA256

1dad7ac4eac540aec99a38e68fcb07ebbb29605eef7bb2d7c33616181bf38c0f
SHA512

0e3da193f603fd34a1ecb348aad99214bc825785fc0e30b8f874c2bee155f163cf1ba594f7326d74791caca530ca73a9ee27ec46771a6d2fc12eba540ce1c989
SSDEEP

196608:0rgJGjqMEnMgvs/s7veVyzX0nn27rn8McpA3w7CAfRXrrY:lJJMUMgveszeVwE27r8h3GQRY

Score

9^/10

bootkit persistence

Malware Config

Targets

- Target
  
  1dad7ac4eac540aec99a38e68fcb07ebbb29605eef7bb2d7c33616181bf38c0f
- Size
  
  7.2MB
- MD5
  
  8c029d3b5e0a89fff1ff6431ab3a0645
- SHA1
  
  acd9e6f6d923f361f3c1e629067ccc0350a3703c
- SHA256
  
  1dad7ac4eac540aec99a38e68fcb07ebbb29605eef7bb2d7c33616181bf38c0f
- SHA512
  
  0e3da193f603fd34a1ecb348aad99214bc825785fc0e30b8f874c2bee155f163cf1ba594f7326d74791caca530ca73a9ee27ec46771a6d2fc12eba540ce1c989
- SSDEEP
  
  196608:0rgJGjqMEnMgvs/s7veVyzX0nn27rn8McpA3w7CAfRXrrY:lJJMUMgveszeVwE27r8h3GQRY
Score

9^/10

bootkit persistence
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence