bcce62f66b54c0c7e73329e127e22975aa908668c1de2320692f8d77fbab572c | Triage

Sharing

General

Target

bcce62f66b54c0c7e73329e127e22975aa908668c1de2320692f8d77fbab572c
Size

1.3MB
Sample

221203-h5g8daeg47
MD5

8f7baeb156448c811d9cb1c1377e63fb
SHA1

66f68a7890634af34a48ba7def3a7c7465150729
SHA256

bcce62f66b54c0c7e73329e127e22975aa908668c1de2320692f8d77fbab572c
SHA512

9dd65c5da8c9d6fdb994453fe97894c490762c086fb6ae1ec94da6cfdf7167ed88758152201299c5b65651b683ee18c599217c55215d6e338919090b56309984
SSDEEP

24576:Zo5r2yh1vKuPc89ercVe2m5v7spNRu5vgVib+yYgwPMaTtwLF58+OW0sl:25r2wvZcZr92Cvc45YV8+yvwHTtwvRnl

Score

8^/10

bootkit persistence

Malware Config

Targets

- Target
  
  bcce62f66b54c0c7e73329e127e22975aa908668c1de2320692f8d77fbab572c
- Size
  
  1.3MB
- MD5
  
  8f7baeb156448c811d9cb1c1377e63fb
- SHA1
  
  66f68a7890634af34a48ba7def3a7c7465150729
- SHA256
  
  bcce62f66b54c0c7e73329e127e22975aa908668c1de2320692f8d77fbab572c
- SHA512
  
  9dd65c5da8c9d6fdb994453fe97894c490762c086fb6ae1ec94da6cfdf7167ed88758152201299c5b65651b683ee18c599217c55215d6e338919090b56309984
- SSDEEP
  
  24576:Zo5r2yh1vKuPc89ercVe2m5v7spNRu5vgVib+yYgwPMaTtwLF58+OW0sl:25r2wvZcZr92Cvc45YV8+yvwHTtwvRnl
Score

8^/10

bootkit persistence
- Executes dropped EXE
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence