a010a2fb15c68dda2bb9be66fd2e7fbfbb5bd6b1d4dcb9cdba4e061f31434fa3 | Triage

Sharing

General

Target

a010a2fb15c68dda2bb9be66fd2e7fbfbb5bd6b1d4dcb9cdba4e061f31434fa3
Size

217KB
Sample

221203-tz654afh23
MD5

cd80e90938557739d4fd350efa000914
SHA1

12f242bdb0bbdeb7fb6a33b0a002d2fb4ab2fe16
SHA256

a010a2fb15c68dda2bb9be66fd2e7fbfbb5bd6b1d4dcb9cdba4e061f31434fa3
SHA512

1430aba5530f74b4912539e6c4ea737392ee6f26ad7acc24fa0e13de71bad76720eee397c7da960dc3d80ce895abc49601bca73c656a96047149bea254b3ba10
SSDEEP

6144:spshHjT4ixdhAC4yRAf8tRljV4DjvbCbg2MLfT:sCZfHqURA4pXbg2MLb

Score

8^/10

bootkit persistence

Malware Config

Targets

- Target
  
  a010a2fb15c68dda2bb9be66fd2e7fbfbb5bd6b1d4dcb9cdba4e061f31434fa3
- Size
  
  217KB
- MD5
  
  cd80e90938557739d4fd350efa000914
- SHA1
  
  12f242bdb0bbdeb7fb6a33b0a002d2fb4ab2fe16
- SHA256
  
  a010a2fb15c68dda2bb9be66fd2e7fbfbb5bd6b1d4dcb9cdba4e061f31434fa3
- SHA512
  
  1430aba5530f74b4912539e6c4ea737392ee6f26ad7acc24fa0e13de71bad76720eee397c7da960dc3d80ce895abc49601bca73c656a96047149bea254b3ba10
- SSDEEP
  
  6144:spshHjT4ixdhAC4yRAf8tRljV4DjvbCbg2MLfT:sCZfHqURA4pXbg2MLb
Score

8^/10

bootkit persistence
- Sets service image path in registry
  persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence