0ed55e3d7c320506f04ed52ebc46c256fe813aa4387d5ecd259433c20ec657d4 | Triage

Sharing

General

Target

0ed55e3d7c320506f04ed52ebc46c256fe813aa4387d5ecd259433c20ec657d4
Size

749KB
Sample

221125-qe1k2ade41
MD5

fb3b4278ddaf4e3ea8a74a3309d4c28d
SHA1

93cd7cb15f099c0e0f3f3396038d3dbf948ca5f2
SHA256

0ed55e3d7c320506f04ed52ebc46c256fe813aa4387d5ecd259433c20ec657d4
SHA512

a7d77c1e259b345cdaf68cff497559207c28194a69e7e57811cd9b4efe9dd45ac65ec04a5363adad0a991f098a6b15819f672d065348cd22c6e5aef2e80edd38
SSDEEP

12288:R1HCq6pjUJjz1MlY7W16W1koLtBN+tXCJZjiqevn6UJKAX:RdCjUJjzIY7Wt1koNZjiJ6UJKAX

Score

7^/10

bootkit persistence

Malware Config

Targets

- Target
  
  0ed55e3d7c320506f04ed52ebc46c256fe813aa4387d5ecd259433c20ec657d4
- Size
  
  749KB
- MD5
  
  fb3b4278ddaf4e3ea8a74a3309d4c28d
- SHA1
  
  93cd7cb15f099c0e0f3f3396038d3dbf948ca5f2
- SHA256
  
  0ed55e3d7c320506f04ed52ebc46c256fe813aa4387d5ecd259433c20ec657d4
- SHA512
  
  a7d77c1e259b345cdaf68cff497559207c28194a69e7e57811cd9b4efe9dd45ac65ec04a5363adad0a991f098a6b15819f672d065348cd22c6e5aef2e80edd38
- SSDEEP
  
  12288:R1HCq6pjUJjz1MlY7W16W1koLtBN+tXCJZjiqevn6UJKAX:RdCjUJjzIY7Wt1koNZjiJ6UJKAX
Score

7^/10

bootkit persistence
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence