943543daaa321ea04b8002ca12102484e06d3dbd912d67fe93ada07379838f7f | Triage

Sharing

General

Target

943543daaa321ea04b8002ca12102484e06d3dbd912d67fe93ada07379838f7f
Size

4.9MB
Sample

230319-enyx1seg58
MD5

b9d71891e236be1aeed9b9a6a99dc8ce
SHA1

0c82d8368887478652c3d1049b6c211ba51b235c
SHA256

943543daaa321ea04b8002ca12102484e06d3dbd912d67fe93ada07379838f7f
SHA512

f8559c3392701a063e59444f916a971baf4a9691925f8b368d1906f249e9fbe458af573b80d4d311ff3e47d849b5d1a88ee9e1fdec16afd34eaeb1faaf3a6a3f
SSDEEP

98304:gu0gmbyldTpymEiaWIfx73bSl8GBUkMJpHTYYdVY7vM16E3GqlfiTv:f0gxv1ENLLSaGekwTYYdiZE3GqlE

Score

7^/10

bootkit persistence

Malware Config

Targets

- Target
  
  943543daaa321ea04b8002ca12102484e06d3dbd912d67fe93ada07379838f7f
- Size
  
  4.9MB
- MD5
  
  b9d71891e236be1aeed9b9a6a99dc8ce
- SHA1
  
  0c82d8368887478652c3d1049b6c211ba51b235c
- SHA256
  
  943543daaa321ea04b8002ca12102484e06d3dbd912d67fe93ada07379838f7f
- SHA512
  
  f8559c3392701a063e59444f916a971baf4a9691925f8b368d1906f249e9fbe458af573b80d4d311ff3e47d849b5d1a88ee9e1fdec16afd34eaeb1faaf3a6a3f
- SSDEEP
  
  98304:gu0gmbyldTpymEiaWIfx73bSl8GBUkMJpHTYYdVY7vM16E3GqlfiTv:f0gxv1ENLLSaGekwTYYdiZE3GqlE
Score

7^/10

bootkit persistence
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence