9d19aef09b2209c67110d1e8deb8f70c619776ba5c3fc7e59ae91d0b834048c7 | Triage

Sharing

General

Target

9d19aef09b2209c67110d1e8deb8f70c619776ba5c3fc7e59ae91d0b834048c7
Size

4.3MB
Sample

221125-nac8tsga21
MD5

dce8255856750aa34c216bd83d603c15
SHA1

35b392ef5ad0fafbdfc7fcc9164ae1ae3f945736
SHA256

9d19aef09b2209c67110d1e8deb8f70c619776ba5c3fc7e59ae91d0b834048c7
SHA512

68e10d0905b08eb419af774a206174e9e5ec6055e3cd9c0012ae41542593756a2393092211ca06476b2ea3308bea011c76e1297b9eed1ac6355785a246d7abde
SSDEEP

98304:WTIQO6JIV8Yr1i943Yb+wy5Qpscif7AXsx5R8OWaWS:WTIQO6JIV8Yr1i94/S+Wy

Score

7^/10

bootkit persistence

Malware Config

Targets

- Target
  
  9d19aef09b2209c67110d1e8deb8f70c619776ba5c3fc7e59ae91d0b834048c7
- Size
  
  4.3MB
- MD5
  
  dce8255856750aa34c216bd83d603c15
- SHA1
  
  35b392ef5ad0fafbdfc7fcc9164ae1ae3f945736
- SHA256
  
  9d19aef09b2209c67110d1e8deb8f70c619776ba5c3fc7e59ae91d0b834048c7
- SHA512
  
  68e10d0905b08eb419af774a206174e9e5ec6055e3cd9c0012ae41542593756a2393092211ca06476b2ea3308bea011c76e1297b9eed1ac6355785a246d7abde
- SSDEEP
  
  98304:WTIQO6JIV8Yr1i943Yb+wy5Qpscif7AXsx5R8OWaWS:WTIQO6JIV8Yr1i94/S+Wy
Score

7^/10

bootkit persistence
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence