cf171a99ee072800e254bf440c0bdcaeb66815569b8b683eb985b345b816bd1b | Triage

Sharing

General

Target

cf171a99ee072800e254bf440c0bdcaeb66815569b8b683eb985b345b816bd1b
Size

470KB
Sample

221203-e5m7vaec45
MD5

ba27c6b81019a312eea3f6d060c7fa70
SHA1

81ee71045fcfedd2cfd68bf693a2d71829b3d949
SHA256

cf171a99ee072800e254bf440c0bdcaeb66815569b8b683eb985b345b816bd1b
SHA512

9f637e9505afcc6cb6a4b738f6db2cd913a64fcb0741bd5da2c94b1ed413c7ca6c77a36394039800e8450f41d058730e1fba25433b3096eac95e0658d7b192f8
SSDEEP

12288:FlVWvTJvuhNV7lE1Hw3ymsZc80kYMx54UJfQcWNtTirdDQd:FrETUx7lWfARy4U9QcSTEdDG

Score

8^/10

bootkit persistence

Malware Config

Targets

- Target
  
  cf171a99ee072800e254bf440c0bdcaeb66815569b8b683eb985b345b816bd1b
- Size
  
  470KB
- MD5
  
  ba27c6b81019a312eea3f6d060c7fa70
- SHA1
  
  81ee71045fcfedd2cfd68bf693a2d71829b3d949
- SHA256
  
  cf171a99ee072800e254bf440c0bdcaeb66815569b8b683eb985b345b816bd1b
- SHA512
  
  9f637e9505afcc6cb6a4b738f6db2cd913a64fcb0741bd5da2c94b1ed413c7ca6c77a36394039800e8450f41d058730e1fba25433b3096eac95e0658d7b192f8
- SSDEEP
  
  12288:FlVWvTJvuhNV7lE1Hw3ymsZc80kYMx54UJfQcWNtTirdDQd:FrETUx7lWfARy4U9QcSTEdDG
Score

8^/10

bootkit persistence
- Executes dropped EXE
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2