afec2939f34a84d49eee6edd184c43b5fe4f796963b71f823644b9d9b5e5f969 | Triage

Sharing

General

Target

afec2939f34a84d49eee6edd184c43b5fe4f796963b71f823644b9d9b5e5f969
Size

284KB
Sample

221203-snkmaabf73
MD5

24ed82868a5ea803c86b526dcb0c9430
SHA1

6c6aaab781be78dbf793e42f8a61774dcc8c8bc4
SHA256

afec2939f34a84d49eee6edd184c43b5fe4f796963b71f823644b9d9b5e5f969
SHA512

5c315e907d55bfe308cf1efaf1371b11ac6aef7d14da562628b5117f9dbc7e7d9d11a58a834c29cb54d6da6e3d4cb988767c5c008d2de30ab966c76a5de0a491
SSDEEP

3072:FTTyW+LiBBTka15GZwPOAmv33LnDmHA//OOhgaHzIntHXzXt1+zArngYIVaaY24M:F9BQW5EmAnoXzX+zArgYIVauDnodTQ

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  afec2939f34a84d49eee6edd184c43b5fe4f796963b71f823644b9d9b5e5f969
- Size
  
  284KB
- MD5
  
  24ed82868a5ea803c86b526dcb0c9430
- SHA1
  
  6c6aaab781be78dbf793e42f8a61774dcc8c8bc4
- SHA256
  
  afec2939f34a84d49eee6edd184c43b5fe4f796963b71f823644b9d9b5e5f969
- SHA512
  
  5c315e907d55bfe308cf1efaf1371b11ac6aef7d14da562628b5117f9dbc7e7d9d11a58a834c29cb54d6da6e3d4cb988767c5c008d2de30ab966c76a5de0a491
- SSDEEP
  
  3072:FTTyW+LiBBTka15GZwPOAmv33LnDmHA//OOhgaHzIntHXzXt1+zArngYIVaaY24M:F9BQW5EmAnoXzX+zArgYIVauDnodTQ
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence