a778ba42d7bb8516d5dd766b5bced424c4771f74bf5d421edb511d6f413b5a41 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a778ba42d7bb8516d5dd766b5bced424c4771f74bf5d421edb511d6f413b5a41
Size

88KB
Sample

221201-yqb1taac8w
MD5

3e1db1de056688ab4fbdcf2bacaf09bd
SHA1

e53e94ed71f1fa706ef3be5eade99fd22d1d819e
SHA256

a778ba42d7bb8516d5dd766b5bced424c4771f74bf5d421edb511d6f413b5a41
SHA512

8882d9b82a50e82c756cbdd3473f8293d80ebcd70ff33963b621633f43616894defd14acf766913b74b9de80c8543fb2e1a092b4cb6ef8c0536c33897416bd1d
SSDEEP

1536:V3fos6AEILMnhfKiV2bIzoZ4uVEv4qzzZDImqYpK+xD/H03R65Ja5NuPY:V3f96LAMnTV2oM4rvxImqZKm65iNuPY

Score

6^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  a778ba42d7bb8516d5dd766b5bced424c4771f74bf5d421edb511d6f413b5a41
- Size
  
  88KB
- MD5
  
  3e1db1de056688ab4fbdcf2bacaf09bd
- SHA1
  
  e53e94ed71f1fa706ef3be5eade99fd22d1d819e
- SHA256
  
  a778ba42d7bb8516d5dd766b5bced424c4771f74bf5d421edb511d6f413b5a41
- SHA512
  
  8882d9b82a50e82c756cbdd3473f8293d80ebcd70ff33963b621633f43616894defd14acf766913b74b9de80c8543fb2e1a092b4cb6ef8c0536c33897416bd1d
- SSDEEP
  
  1536:V3fos6AEILMnhfKiV2bIzoZ4uVEv4qzzZDImqYpK+xD/H03R65Ja5NuPY:V3f96LAMnTV2oM4rvxImqZKm65iNuPY
Score

6^/10

bootkit discovery persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2