88da99406952a8a6d463f61b106a5e516121c3ac6c89307bdac084455316cde7 | Triage

Sharing

General

Target

88da99406952a8a6d463f61b106a5e516121c3ac6c89307bdac084455316cde7
Size

402KB
Sample

221203-jvtn4aga34
MD5

5c11f248ef1e25d12442c5b6585af1f4
SHA1

da7f2fe1ae537e33613347927cb002a0c1395ffb
SHA256

88da99406952a8a6d463f61b106a5e516121c3ac6c89307bdac084455316cde7
SHA512

c05e9cb274f98763ada120e9e60f4124847f9d6ce434df7998c0c096bb84a2ce035a51943ea5141697be169f6e95e9eeb688edb5cc4ee2f2d7d8525dc0875b05
SSDEEP

6144:ZG3iS2K8ygqSqYsjtZWQiiM1p9JltPnJ7bzyl/48cVLBIcq7oeUg32eT:chx8y/SqYgdtIpDnJ7nyF48cVLBi7BUu

Score

8^/10

bootkit persistence

Malware Config

Targets

- Target
  
  88da99406952a8a6d463f61b106a5e516121c3ac6c89307bdac084455316cde7
- Size
  
  402KB
- MD5
  
  5c11f248ef1e25d12442c5b6585af1f4
- SHA1
  
  da7f2fe1ae537e33613347927cb002a0c1395ffb
- SHA256
  
  88da99406952a8a6d463f61b106a5e516121c3ac6c89307bdac084455316cde7
- SHA512
  
  c05e9cb274f98763ada120e9e60f4124847f9d6ce434df7998c0c096bb84a2ce035a51943ea5141697be169f6e95e9eeb688edb5cc4ee2f2d7d8525dc0875b05
- SSDEEP
  
  6144:ZG3iS2K8ygqSqYsjtZWQiiM1p9JltPnJ7bzyl/48cVLBIcq7oeUg32eT:chx8y/SqYgdtIpDnJ7nyF48cVLBi7BUu
Score

8^/10

bootkit persistence
- Blocklisted process makes network request
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence