3e075f28584e17ac7d0fd0d59ff4f582e8d0a2ecb73144989c15d152e0041fb8 | Triage

Sharing

General

Target

3e075f28584e17ac7d0fd0d59ff4f582e8d0a2ecb73144989c15d152e0041fb8
Size

175KB
Sample

221125-c1nxgaeg94
MD5

6edb83104e660c7ddb33a659b804c5ab
SHA1

72103bbec3f9c3cb2d513f5e0604fbb693822e5b
SHA256

3e075f28584e17ac7d0fd0d59ff4f582e8d0a2ecb73144989c15d152e0041fb8
SHA512

a1180511ec3c84344bf8375ab3d04ba5cbc9295cd69461fd90f922dc6e13b85ed1a53b8846616dd2719efa8b2710ecd481bbf3f762da3c70477b14f3b21147e6
SSDEEP

3072:16KWkWZtUA1x8QKr3gOKICWgPsFnXKwCSWKksSGfvEhF6QbjduH6YoORyWXknd+o:16JkWZtUmSQqwOvCWgPuCSasVfMj6BHa

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  3e075f28584e17ac7d0fd0d59ff4f582e8d0a2ecb73144989c15d152e0041fb8
- Size
  
  175KB
- MD5
  
  6edb83104e660c7ddb33a659b804c5ab
- SHA1
  
  72103bbec3f9c3cb2d513f5e0604fbb693822e5b
- SHA256
  
  3e075f28584e17ac7d0fd0d59ff4f582e8d0a2ecb73144989c15d152e0041fb8
- SHA512
  
  a1180511ec3c84344bf8375ab3d04ba5cbc9295cd69461fd90f922dc6e13b85ed1a53b8846616dd2719efa8b2710ecd481bbf3f762da3c70477b14f3b21147e6
- SSDEEP
  
  3072:16KWkWZtUA1x8QKr3gOKICWgPsFnXKwCSWKksSGfvEhF6QbjduH6YoORyWXknd+o:16JkWZtUmSQqwOvCWgPuCSasVfMj6BHa
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence