b821b36c8fb61069f672db7ed65062c5e13ce03f2e61dae545a5f4378edb28c2 | Triage

Sharing

General

Target

b821b36c8fb61069f672db7ed65062c5e13ce03f2e61dae545a5f4378edb28c2
Size

79KB
Sample

221203-hfbpascf83
MD5

6e117900e2f8bd6dbe357d318861a4bd
SHA1

0567a94d12ec923f651143803c4584fa2c03fa9b
SHA256

b821b36c8fb61069f672db7ed65062c5e13ce03f2e61dae545a5f4378edb28c2
SHA512

26dff91a311b435fa9e38c5388b6be4e3ec4f05d74e0fe5e142a9e9d4d7da4d90ec91af64e9ab597b1837f415d6a57f6780ca41529e93097679abaa1d6f4a014
SSDEEP

1536:MfNsbqWmhI6d75bvlsWpcAMQUEwLJRme73f2Q:MfNXWWI6d7JuWPMOomMv2

Score

6^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  b821b36c8fb61069f672db7ed65062c5e13ce03f2e61dae545a5f4378edb28c2
- Size
  
  79KB
- MD5
  
  6e117900e2f8bd6dbe357d318861a4bd
- SHA1
  
  0567a94d12ec923f651143803c4584fa2c03fa9b
- SHA256
  
  b821b36c8fb61069f672db7ed65062c5e13ce03f2e61dae545a5f4378edb28c2
- SHA512
  
  26dff91a311b435fa9e38c5388b6be4e3ec4f05d74e0fe5e142a9e9d4d7da4d90ec91af64e9ab597b1837f415d6a57f6780ca41529e93097679abaa1d6f4a014
- SSDEEP
  
  1536:MfNsbqWmhI6d75bvlsWpcAMQUEwLJRme73f2Q:MfNXWWI6d7JuWPMOomMv2
Score

6^/10

bootkit discovery persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2