c0fb27c8cbafe82f078922c13b42bd50f9f5fa51a0522f8d9708084280e86a44 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c0fb27c8cbafe82f078922c13b42bd50f9f5fa51a0522f8d9708084280e86a44
Size

330KB
Sample

221203-q63jpsfb93
MD5

91bffeebd299538d70f42e7f72a5c49f
SHA1

3d5ab2a2ac8a303d4c60d61cdce8f29a88fd974b
SHA256

c0fb27c8cbafe82f078922c13b42bd50f9f5fa51a0522f8d9708084280e86a44
SHA512

e6dc473bc9ff2d81d6035bb2f0bcb6050b9d4afa022aaed97fb005c55af76dad546ad857a6d1099e9c9d65aba250db7b25e790eb378e4569b3047fe127a1f498
SSDEEP

6144:A2KpPmFfgOA8eAnR58OD6oGXahMWyIlR98gWNlPTGQQm6agrdfT:AZqA83EOD6o7hdHgNtTirdfT

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  c0fb27c8cbafe82f078922c13b42bd50f9f5fa51a0522f8d9708084280e86a44
- Size
  
  330KB
- MD5
  
  91bffeebd299538d70f42e7f72a5c49f
- SHA1
  
  3d5ab2a2ac8a303d4c60d61cdce8f29a88fd974b
- SHA256
  
  c0fb27c8cbafe82f078922c13b42bd50f9f5fa51a0522f8d9708084280e86a44
- SHA512
  
  e6dc473bc9ff2d81d6035bb2f0bcb6050b9d4afa022aaed97fb005c55af76dad546ad857a6d1099e9c9d65aba250db7b25e790eb378e4569b3047fe127a1f498
- SSDEEP
  
  6144:A2KpPmFfgOA8eAnR58OD6oGXahMWyIlR98gWNlPTGQQm6agrdfT:AZqA83EOD6o7hdHgNtTirdfT
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2