52b96187173ac027b8c8ed25310fbdcd63b5b3e50c467651b93b0028af765929 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

52b96187173ac027b8c8ed25310fbdcd63b5b3e50c467651b93b0028af765929
Size

3.6MB
Sample

221127-twc3vafa3s
MD5

d9939a206a135a98b82c2ae4140e7cbf
SHA1

82dd68aecda6efde36968b20c149e9101e71ad3c
SHA256

52b96187173ac027b8c8ed25310fbdcd63b5b3e50c467651b93b0028af765929
SHA512

231629e7bb1d8e8ebdb9d33d2ed5d954db88584e9f64dceba961907c183c639ecc6eb1429447ae7fb08656e6806499b0ee923f3476e4497a0551e44b7138b819
SSDEEP

49152:1nDJ09W3jUr3q6wMrskmHZf+VjIBoTL+Yd+Z+:1DC9W3jWq60HZf+Vcezdk

Score

6^/10

bootkit evasion persistence trojan

Malware Config

Targets

- Target
  
  52b96187173ac027b8c8ed25310fbdcd63b5b3e50c467651b93b0028af765929
- Size
  
  3.6MB
- MD5
  
  d9939a206a135a98b82c2ae4140e7cbf
- SHA1
  
  82dd68aecda6efde36968b20c149e9101e71ad3c
- SHA256
  
  52b96187173ac027b8c8ed25310fbdcd63b5b3e50c467651b93b0028af765929
- SHA512
  
  231629e7bb1d8e8ebdb9d33d2ed5d954db88584e9f64dceba961907c183c639ecc6eb1429447ae7fb08656e6806499b0ee923f3476e4497a0551e44b7138b819
- SSDEEP
  
  49152:1nDJ09W3jUr3q6wMrskmHZf+VjIBoTL+Yd+Z+:1DC9W3jWq60HZf+Vcezdk
Score

6^/10

bootkit evasion persistence trojan
- Checks whether UAC is enabled
  evasion trojan
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitevasionpersistencetrojan

behavioral2

bootkitevasionpersistencetrojan