819a2057e6cafbc2dce82c263e0d97e899c4dde90c30aaa8727725cd26eb994d | Triage

Sharing

General

Target

819a2057e6cafbc2dce82c263e0d97e899c4dde90c30aaa8727725cd26eb994d
Size

8.5MB
Sample

221128-cvnphsge95
MD5

fc0f7d2895bd2507a6e3d8dd73bff589
SHA1

e0c40cee7971266e7268ef0319ad6cacc301dc08
SHA256

819a2057e6cafbc2dce82c263e0d97e899c4dde90c30aaa8727725cd26eb994d
SHA512

addfaaf1b3c9777f97138d0a9e4b4c52b9c7adb5fd4c394aa110ad12c0c7ff9b21c4f63459da4a02916d22afa2e9630b3781b694da5fd7378c1f76300212297d
SSDEEP

196608:orgJGjqMEnMgvs/s7veVyzXY0v4d1xIXB8WwBbZuxnn7iP6FCdL:RJJMUMgveszeVwU1yX+XZup7QdL

Score

9^/10

bootkit persistence

Malware Config

Targets

- Target
  
  819a2057e6cafbc2dce82c263e0d97e899c4dde90c30aaa8727725cd26eb994d
- Size
  
  8.5MB
- MD5
  
  fc0f7d2895bd2507a6e3d8dd73bff589
- SHA1
  
  e0c40cee7971266e7268ef0319ad6cacc301dc08
- SHA256
  
  819a2057e6cafbc2dce82c263e0d97e899c4dde90c30aaa8727725cd26eb994d
- SHA512
  
  addfaaf1b3c9777f97138d0a9e4b4c52b9c7adb5fd4c394aa110ad12c0c7ff9b21c4f63459da4a02916d22afa2e9630b3781b694da5fd7378c1f76300212297d
- SSDEEP
  
  196608:orgJGjqMEnMgvs/s7veVyzXY0v4d1xIXB8WwBbZuxnn7iP6FCdL:RJJMUMgveszeVwU1yX+XZup7QdL
Score

9^/10

bootkit persistence
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence