f234099dc0a75ab83721fd2f177c93a9934ccbe0eefefa27400899c1287c38bd | Triage

Sharing

General

Target

f234099dc0a75ab83721fd2f177c93a9934ccbe0eefefa27400899c1287c38bd
Size

738KB
Sample

221125-k7k36aba3v
MD5

0bfb96723fd4b34049b50d646fa03197
SHA1

ea6a64b044487026c3369f3ba522dd670e6d5ee2
SHA256

f234099dc0a75ab83721fd2f177c93a9934ccbe0eefefa27400899c1287c38bd
SHA512

30cb58ae6b85e39ac15d0508e6e64332bc606f73e32c9bb3de0d19e6a9f853357160249363b73a457f9dc59b5f074ed878d963f19f5415794c677095baa4a948
SSDEEP

12288:MwGsNHl+QXfQrKFAVUBhrTVNXO7H7N7u18rdHQ8aq+DFER:+sNHlNfQrKFEUn9N+bZu18rdHQ8a7DFM

Score

8^/10

bootkit persistence

Malware Config

Targets

- Target
  
  f234099dc0a75ab83721fd2f177c93a9934ccbe0eefefa27400899c1287c38bd
- Size
  
  738KB
- MD5
  
  0bfb96723fd4b34049b50d646fa03197
- SHA1
  
  ea6a64b044487026c3369f3ba522dd670e6d5ee2
- SHA256
  
  f234099dc0a75ab83721fd2f177c93a9934ccbe0eefefa27400899c1287c38bd
- SHA512
  
  30cb58ae6b85e39ac15d0508e6e64332bc606f73e32c9bb3de0d19e6a9f853357160249363b73a457f9dc59b5f074ed878d963f19f5415794c677095baa4a948
- SSDEEP
  
  12288:MwGsNHl+QXfQrKFAVUBhrTVNXO7H7N7u18rdHQ8aq+DFER:+sNHlNfQrKFEUn9N+bZu18rdHQ8a7DFM
Score

8^/10

bootkit persistence
- Blocklisted process makes network request
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence