abf91130d19ebc876b1095333de75ec811f59114ab572a8335a78bac85f54f48 | Triage

Sharing

General

Target

abf91130d19ebc876b1095333de75ec811f59114ab572a8335a78bac85f54f48
Size

339KB
Sample

221124-d5mqmsef39
MD5

117ac2aedd24c4203ee6d21c02bfcfaf
SHA1

1c690c70d14e0faabab41eee66b2d0fbb49dbc15
SHA256

abf91130d19ebc876b1095333de75ec811f59114ab572a8335a78bac85f54f48
SHA512

157a108b9bfe35eaebe8f3faba8e150162d2c30a1dcdca850e4f8f004552375c457e135f58541e7d881ffa207c89f823a677bd2159ccc1150423ed4505c97d7f
SSDEEP

6144:MGA5wVdCy6wrbDY0rDqTWC4zEDzKuTrSbxc97cnef8JAXCyW/UYgwjRk87:djyy64VrDqTWIzW+9Yef8JKW/FR3

Score

8^/10

bootkit persistence upx

Malware Config

Targets

- Target
  
  abf91130d19ebc876b1095333de75ec811f59114ab572a8335a78bac85f54f48
- Size
  
  339KB
- MD5
  
  117ac2aedd24c4203ee6d21c02bfcfaf
- SHA1
  
  1c690c70d14e0faabab41eee66b2d0fbb49dbc15
- SHA256
  
  abf91130d19ebc876b1095333de75ec811f59114ab572a8335a78bac85f54f48
- SHA512
  
  157a108b9bfe35eaebe8f3faba8e150162d2c30a1dcdca850e4f8f004552375c457e135f58541e7d881ffa207c89f823a677bd2159ccc1150423ed4505c97d7f
- SSDEEP
  
  6144:MGA5wVdCy6wrbDY0rDqTWC4zEDzKuTrSbxc97cnef8JAXCyW/UYgwjRk87:djyy64VrDqTWIzW+9Yef8JKW/FR3
Score

8^/10

bootkit persistence upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistenceupx

behavioral2

bootkitpersistenceupx