cfd6979b42f1549b12ec92d510129c53c05f47f712ac31a1bcc979d8aab83431 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cfd6979b42f1549b12ec92d510129c53c05f47f712ac31a1bcc979d8aab83431
Size

2.4MB
Sample

221201-l9xemsce8w
MD5

b1564aba878a760316bac9cd40764c83
SHA1

e5a60c0f82205395f4d94375abde7d616f9c2da4
SHA256

cfd6979b42f1549b12ec92d510129c53c05f47f712ac31a1bcc979d8aab83431
SHA512

3d522f611d232ef069e24f826aa8ebd10a100a2faca1ca9c54019eddc9696ac884628bcc009ad2621108305ae36923892da1d51a1d081958655f86015f77e9f5
SSDEEP

49152:AgH1i41dDCQv5gqBvrPwMtbBkYrgs+SkrAb6hXDJy/F:AG1NDCQmqBvzw4iYYk6hXo/F

Score

8^/10

bootkit persistence

Malware Config

Targets

- Target
  
  cfd6979b42f1549b12ec92d510129c53c05f47f712ac31a1bcc979d8aab83431
- Size
  
  2.4MB
- MD5
  
  b1564aba878a760316bac9cd40764c83
- SHA1
  
  e5a60c0f82205395f4d94375abde7d616f9c2da4
- SHA256
  
  cfd6979b42f1549b12ec92d510129c53c05f47f712ac31a1bcc979d8aab83431
- SHA512
  
  3d522f611d232ef069e24f826aa8ebd10a100a2faca1ca9c54019eddc9696ac884628bcc009ad2621108305ae36923892da1d51a1d081958655f86015f77e9f5
- SSDEEP
  
  49152:AgH1i41dDCQv5gqBvrPwMtbBkYrgs+SkrAb6hXDJy/F:AG1NDCQmqBvzw4iYYk6hXo/F
Score

8^/10

bootkit persistence
- Executes dropped EXE
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

bootkitpersistence