c3c72546eb57b31cf3a233605c499e8821e2095a4e0f89686896f38213b45bbb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c3c72546eb57b31cf3a233605c499e8821e2095a4e0f89686896f38213b45bbb
Size

371KB
Sample

221204-lwkhxscd8y
MD5

b6d9679c7c146ca0ff114dbb564ba720
SHA1

bb5e356d693119c1f6f7af82c0745f8a1f9e6797
SHA256

c3c72546eb57b31cf3a233605c499e8821e2095a4e0f89686896f38213b45bbb
SHA512

722d7a51681a0405467056e40ea233712a0e0d390432a88699ba6e454ba629b1bd3798a8d0b32ab18fc7c5ab602f19fdfbef1b2f2e9f395a8854b184be69dfaf
SSDEEP

6144:Ke8L9f+LgrXv3GQOpzLajFrNCwlyFy4TyQOI5JgpcvqNplcTl2VjMgAsCMWY:s9W8Tv3GVpXaxNCayZT0Iw5pQ2JMq7x

Score

10^/10

bootkit evasion persistence

Malware Config

Targets

- Target
  
  c3c72546eb57b31cf3a233605c499e8821e2095a4e0f89686896f38213b45bbb
- Size
  
  371KB
- MD5
  
  b6d9679c7c146ca0ff114dbb564ba720
- SHA1
  
  bb5e356d693119c1f6f7af82c0745f8a1f9e6797
- SHA256
  
  c3c72546eb57b31cf3a233605c499e8821e2095a4e0f89686896f38213b45bbb
- SHA512
  
  722d7a51681a0405467056e40ea233712a0e0d390432a88699ba6e454ba629b1bd3798a8d0b32ab18fc7c5ab602f19fdfbef1b2f2e9f395a8854b184be69dfaf
- SSDEEP
  
  6144:Ke8L9f+LgrXv3GQOpzLajFrNCwlyFy4TyQOI5JgpcvqNplcTl2VjMgAsCMWY:s9W8Tv3GVpXaxNCayZT0Iw5pQ2JMq7x
Score

10^/10

bootkit persistence evasion
- Modifies firewall policy service
  evasion
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2