92ad00c6c1e5e20c8eb989d97ab7548fcd65e8e134e1c1215c5c14b820a321a2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

92ad00c6c1e5e20c8eb989d97ab7548fcd65e8e134e1c1215c5c14b820a321a2
Size

183KB
Sample

221202-2pzbhabg63
MD5

35261d26c9363da97d429ff1dcb4b195
SHA1

3bc8acfe911de0c0d146bee4111ecb8a723d0876
SHA256

92ad00c6c1e5e20c8eb989d97ab7548fcd65e8e134e1c1215c5c14b820a321a2
SHA512

ac4a000367a9da88b5031ce0ef5a667b012292a2dd948e7cbc5129b1dc44ac8c929c2be82934a2ea8d9b6579b411879f7f51c3d41e622ed4304eaeeb2e4451c3
SSDEEP

3072:FWMFx/ZIItATGcBhNZAxdJIeQ7hqrw1o98PsMBv3MCmJpTpj9B0tq:F5Fx/ZIfhfKx/8GcsMBvMCmJp58tq

Score

8^/10

bootkit persistence

Malware Config

Targets

- Target
  
  92ad00c6c1e5e20c8eb989d97ab7548fcd65e8e134e1c1215c5c14b820a321a2
- Size
  
  183KB
- MD5
  
  35261d26c9363da97d429ff1dcb4b195
- SHA1
  
  3bc8acfe911de0c0d146bee4111ecb8a723d0876
- SHA256
  
  92ad00c6c1e5e20c8eb989d97ab7548fcd65e8e134e1c1215c5c14b820a321a2
- SHA512
  
  ac4a000367a9da88b5031ce0ef5a667b012292a2dd948e7cbc5129b1dc44ac8c929c2be82934a2ea8d9b6579b411879f7f51c3d41e622ed4304eaeeb2e4451c3
- SSDEEP
  
  3072:FWMFx/ZIItATGcBhNZAxdJIeQ7hqrw1o98PsMBv3MCmJpTpj9B0tq:F5Fx/ZIfhfKx/8GcsMBvMCmJp58tq
Score

8^/10

bootkit persistence
- Executes dropped EXE
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence