egregor | ef9e517a597bb154f045d58dd7dda00e421c69154777b79b89b9659c5b7e8061 | Triage

Sharing

General

Target

ef9e517a597bb154f045d58dd7dda00e421c69154777b79b89b9659c5b7e8061
Size

537KB
Sample

230122-pse1taga46
MD5

99ae89d49036c0e2f934339510c68bea
SHA1

b05fe3112ff3b29aca6b510cb093094ad10011d4
SHA256

ef9e517a597bb154f045d58dd7dda00e421c69154777b79b89b9659c5b7e8061
SHA512

7a6c48ab4a1894a6712bc337d356f984a38e18f4005bd259a016f9bf634eff92f349f61f49aa0990d579bb50c423930700a6a2874371160f8664cc56a35580a7
SSDEEP

6144:4gWnATR10e5cDOT4cFxWdkGjZJi8mImDGHGaLtKXuRth1M+H:Cq10/DOT4ce3j7DDKXuRthG+

Score

10^/10

egregor bootkit persistence

Malware Config

Targets

- Target
  
  ef9e517a597bb154f045d58dd7dda00e421c69154777b79b89b9659c5b7e8061
- Size
  
  537KB
- MD5
  
  99ae89d49036c0e2f934339510c68bea
- SHA1
  
  b05fe3112ff3b29aca6b510cb093094ad10011d4
- SHA256
  
  ef9e517a597bb154f045d58dd7dda00e421c69154777b79b89b9659c5b7e8061
- SHA512
  
  7a6c48ab4a1894a6712bc337d356f984a38e18f4005bd259a016f9bf634eff92f349f61f49aa0990d579bb50c423930700a6a2874371160f8664cc56a35580a7
- SSDEEP
  
  6144:4gWnATR10e5cDOT4cFxWdkGjZJi8mImDGHGaLtKXuRth1M+H:Cq10/DOT4ce3j7DDKXuRthG+
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Hidden Files and Directories

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence