General

  • Target

    4b847d4b94a2e031dee85bfcea7e5d0a9a4db46cfd929f41c492710c3a00337b

  • Size

    5.5MB

  • Sample

    221205-dlk3psaf28

  • MD5

    b43d09bea6bbb8bc85d27012a788b9e9

  • SHA1

    1b0630c5c9c83604b767c1af8c47a185d8342a24

  • SHA256

    4b847d4b94a2e031dee85bfcea7e5d0a9a4db46cfd929f41c492710c3a00337b

  • SHA512

    7104c47ef8304299f882baf0cb2d54fa0f741cea4fda08574fd0f0928ae8594dc441f3caa52761c295ac39993054417df92f2a99f74c76ffc057b61db070caa1

  • SSDEEP

    98304:jcEqnnGq/7QHEM6IbXpAUZiuVlrXILZXS5+cnXaTQjsY09eUdaA4:anfQkM6s/VhX4C5+cX6u09hP

Score
6/10

Malware Config

Targets

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Matrix ATT&CK v6

Persistence: Bootkit, T1067 (1)

Tasks