73341a52ff7395bbf753c69651d0c8390660514ce87e2049cb79e907c6839165 | Triage

Sharing

General

Target

73341a52ff7395bbf753c69651d0c8390660514ce87e2049cb79e907c6839165
Size

1.4MB
Sample

221201-d3e8saed3w
MD5

511d2614046c49e102c1638e06d09603
SHA1

26106d3e0a799425c287e72ec37fdf0a3762399b
SHA256

73341a52ff7395bbf753c69651d0c8390660514ce87e2049cb79e907c6839165
SHA512

93f07ed35b2233c2700286851c5a479e143568c6603675af3fdc922423c5158f4b587f911e9d223216c1669fe047e13c67ea28064e76db7bfc0921b41727c2fe
SSDEEP

12288:InpaODJZfcaxqAiRmuxpPGAAoi5o5g44HH0xRmmIDemFDPuD0HOuxpPGAAoi5:IjqAiDjp5gTHHAgNPuYj

Score

8^/10

bootkit persistence

Malware Config

Targets

- Target
  
  73341a52ff7395bbf753c69651d0c8390660514ce87e2049cb79e907c6839165
- Size
  
  1.4MB
- MD5
  
  511d2614046c49e102c1638e06d09603
- SHA1
  
  26106d3e0a799425c287e72ec37fdf0a3762399b
- SHA256
  
  73341a52ff7395bbf753c69651d0c8390660514ce87e2049cb79e907c6839165
- SHA512
  
  93f07ed35b2233c2700286851c5a479e143568c6603675af3fdc922423c5158f4b587f911e9d223216c1669fe047e13c67ea28064e76db7bfc0921b41727c2fe
- SSDEEP
  
  12288:InpaODJZfcaxqAiRmuxpPGAAoi5o5g44HH0xRmmIDemFDPuD0HOuxpPGAAoi5:IjqAiDjp5gTHHAgNPuYj
Score

8^/10

bootkit persistence
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence