b1e8ae7dee82e37105dad316071f0e87bdde2f50e713171e949d493d41443e78 | Triage

Sharing

General

Target

b1e8ae7dee82e37105dad316071f0e87bdde2f50e713171e949d493d41443e78
Size

120KB
Sample

221203-jmvanaff55
MD5

b645f04f1bdf8f460a0acc8be207f16b
SHA1

958e15415f978ac1ffd1a07ca5747e811e6cfd6e
SHA256

b1e8ae7dee82e37105dad316071f0e87bdde2f50e713171e949d493d41443e78
SHA512

14a762ee444f8c5fe18a499af1ecbaa65f6d7105250c160658b3b373d69cc2a827fed64a25ca21772f25e1f4948915cc96d73c5b13c52daab0a1659a1318fa35
SSDEEP

3072:CCY+1s3fXWh7lnz90d0g85LLg0jpgRPNx3WJ1XofwsgnW:CiGfXWh7lnz90d0NvgaKvGJ1XoCn

Score

6^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  b1e8ae7dee82e37105dad316071f0e87bdde2f50e713171e949d493d41443e78
- Size
  
  120KB
- MD5
  
  b645f04f1bdf8f460a0acc8be207f16b
- SHA1
  
  958e15415f978ac1ffd1a07ca5747e811e6cfd6e
- SHA256
  
  b1e8ae7dee82e37105dad316071f0e87bdde2f50e713171e949d493d41443e78
- SHA512
  
  14a762ee444f8c5fe18a499af1ecbaa65f6d7105250c160658b3b373d69cc2a827fed64a25ca21772f25e1f4948915cc96d73c5b13c52daab0a1659a1318fa35
- SSDEEP
  
  3072:CCY+1s3fXWh7lnz90d0g85LLg0jpgRPNx3WJ1XofwsgnW:CiGfXWh7lnz90d0NvgaKvGJ1XoCn
Score

6^/10

bootkit discovery persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2