296becf74a7989ff8f63a1c572b8b01ff0a7e8472d4d59f31bf9167ed195b2f6 | Triage

Resubmissions

16/02/2023, 08:23

230216-kacqhsgf66 7

14/02/2023, 13:14

230214-qg2acach6z 7

14/02/2023, 13:10

230214-qetsgsde72 7

Sharing

General

Target

67cf719a695ae1b769da9253901c26d8.exe.vir
Size

5.1MB
Sample

230216-kacqhsgf66
MD5

67cf719a695ae1b769da9253901c26d8
SHA1

c148e7823e4bd98060f1b1d402aed070f99b5902
SHA256

296becf74a7989ff8f63a1c572b8b01ff0a7e8472d4d59f31bf9167ed195b2f6
SHA512

52a82db982f67f78558933c2ea5d2df8a88a20fdbedd71fcb0cd367b7c88b91a5388aec1bf5f305b1a0e8c610d489c93149599ee0fe3136d201e2522d50a5a48
SSDEEP

98304:MspkzuYnHDsB7V7UsE/8EI79WFynJih6/BG:M2Su7VSk7wQJc60

Score

7^/10

bootkit persistence

Malware Config

Targets

- Target
  
  67cf719a695ae1b769da9253901c26d8.exe.vir
- Size
  
  5.1MB
- MD5
  
  67cf719a695ae1b769da9253901c26d8
- SHA1
  
  c148e7823e4bd98060f1b1d402aed070f99b5902
- SHA256
  
  296becf74a7989ff8f63a1c572b8b01ff0a7e8472d4d59f31bf9167ed195b2f6
- SHA512
  
  52a82db982f67f78558933c2ea5d2df8a88a20fdbedd71fcb0cd367b7c88b91a5388aec1bf5f305b1a0e8c610d489c93149599ee0fe3136d201e2522d50a5a48
- SSDEEP
  
  98304:MspkzuYnHDsB7V7UsE/8EI79WFynJih6/BG:M2Su7VSk7wQJc60
Score

7^/10

bootkit persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence