General
-
Target
ecb7addda3c8aa314703c7f0270e33adf16908236eb22f57e290fc5e5cad8371
-
Size
3MB
-
Sample
230325-l58l4sed2w
-
MD5
f35e56145d1fae7380b41840e9da7a06
-
SHA1
a47056baee5ffab514e1e0bd9dac9dad7e52fa77
-
SHA256
ecb7addda3c8aa314703c7f0270e33adf16908236eb22f57e290fc5e5cad8371
-
SHA512
c8984e6aadd338c67d4323a15460ada8aa41be57007829cfd5269e43881a3a8412026ec84491512fb675954bd137a908188ddb0062a41f982017fed4466311e5
-
SSDEEP
98304:fBHB2pne7a1mN1E8lkcf5YjovKqGYiOE8oLj5jIJ:fv1GGE5gyjovK65E8oqJ
Malware Config
Targets
-
-
Target
ecb7addda3c8aa314703c7f0270e33adf16908236eb22f57e290fc5e5cad8371
-
Size
3MB
-
MD5
f35e56145d1fae7380b41840e9da7a06
-
SHA1
a47056baee5ffab514e1e0bd9dac9dad7e52fa77
-
SHA256
ecb7addda3c8aa314703c7f0270e33adf16908236eb22f57e290fc5e5cad8371
-
SHA512
c8984e6aadd338c67d4323a15460ada8aa41be57007829cfd5269e43881a3a8412026ec84491512fb675954bd137a908188ddb0062a41f982017fed4466311e5
-
SSDEEP
98304:fBHB2pne7a1mN1E8lkcf5YjovKqGYiOE8oLj5jIJ:fv1GGE5gyjovK65E8oqJ
Score8/10-
Blocklisted process makes network request
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
System Information Discovery
1Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Bootkit
1Privilege Escalation