Triage | Malware sandboxing report by Hatching Triage

Sharing

General

Target

bootdata.exe
Size

8KB
Sample

230326-fwsawahe9t
MD5

0a78174420568e5aff0b81ec0050deef
SHA1

5acead5f8cd93ad5dbf7dd3044d82f1d937aab5f
SHA256

8413c7496ca732666d112ca9d565560a8563b4a1614e8eeeeade360156604e0b
SHA512

49a0a19d2fa3dd09d822fbb46c0bf8cb55c7a2a75a997b25949b5a343586a27c0fb2113718edcf7d32643e48df6554c5e4d3ba288dd459f1f0c8d649460834e8
SSDEEP

192:EqK0Y1xMew6EjI6b08a7W2f5tgN1eo2Ypv:EqKwTk67a7W2I2Ypv

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  bootdata.exe
- Size
  
  8KB
- MD5
  
  0a78174420568e5aff0b81ec0050deef
- SHA1
  
  5acead5f8cd93ad5dbf7dd3044d82f1d937aab5f
- SHA256
  
  8413c7496ca732666d112ca9d565560a8563b4a1614e8eeeeade360156604e0b
- SHA512
  
  49a0a19d2fa3dd09d822fbb46c0bf8cb55c7a2a75a997b25949b5a343586a27c0fb2113718edcf7d32643e48df6554c5e4d3ba288dd459f1f0c8d649460834e8
- SSDEEP
  
  192:EqK0Y1xMew6EjI6b08a7W2f5tgN1eo2Ypv:EqKwTk67a7W2I2Ypv
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix

Collection

Command and Control

Credential Access

Defense Evasion

Discovery

Query Registry

T1012

System Information Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Bootkit

T1067

Privilege Escalation

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence