469501c5f6aa76ff3ee40a61854e80ce11875599f4657557994e417b4036b082 | Triage

Sharing

General

Target

469501c5f6aa76ff3ee40a61854e80ce11875599f4657557994e417b4036b082
Size

284KB
Sample

221126-ae3sdsbg2z
MD5

92899c19b0977d43df5670542f802a79
SHA1

2700281fba4ac7c17b4ad61ee41a74f4eea94102
SHA256

469501c5f6aa76ff3ee40a61854e80ce11875599f4657557994e417b4036b082
SHA512

e19de32f0a78b57f8e97c4780c220802a320829a2b59e874152d3ed5ab9313dcc1e52545d9a7a33124c3a883fd858021e0ad2ae0e4480ff1e5c25126882fda2a
SSDEEP

3072:Arv/up5dv5aiqa+99NpK059azTS6JJvoWQCWuADqomV2I2x9wZZrdr8RpRDvpgXu:ALupD5axNhwgRqomMZwHribDeg4z4LZ

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  469501c5f6aa76ff3ee40a61854e80ce11875599f4657557994e417b4036b082
- Size
  
  284KB
- MD5
  
  92899c19b0977d43df5670542f802a79
- SHA1
  
  2700281fba4ac7c17b4ad61ee41a74f4eea94102
- SHA256
  
  469501c5f6aa76ff3ee40a61854e80ce11875599f4657557994e417b4036b082
- SHA512
  
  e19de32f0a78b57f8e97c4780c220802a320829a2b59e874152d3ed5ab9313dcc1e52545d9a7a33124c3a883fd858021e0ad2ae0e4480ff1e5c25126882fda2a
- SSDEEP
  
  3072:Arv/up5dv5aiqa+99NpK059azTS6JJvoWQCWuADqomV2I2x9wZZrdr8RpRDvpgXu:ALupD5axNhwgRqomMZwHribDeg4z4LZ
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence