General

  • Target

    4ab364f06d66e89313e1c8c4cb4fca9c8584efbd071a55e3c835d0bf7745ad15

  • Size

    5.1MB

  • Sample

    230330-16qj9aag4w

  • MD5

    ebb12ca62bc0813f2da8af2f99f3b8d8

  • SHA1

    dc388c3aba3057e938e03017e9ebb236a92efbca

  • SHA256

    4ab364f06d66e89313e1c8c4cb4fca9c8584efbd071a55e3c835d0bf7745ad15

  • SHA512

    123d3795c84863d90199bc4f669c292cab2b389409a33a70d774bdafa5cb357a5e1e63bca87750ce67e67b452de806a41a2dc1409b89a14a9c3d9a48f73d5b14

  • SSDEEP

    98304:fBHB2pne7a1mN1E8lkcf5YjovKqGYiOE8oLj5jIrHL3GqHqUN:fv1GGE5gyjovK65E8oqjLP3N

Score
8/10

Targets

    • Target

      4ab364f06d66e89313e1c8c4cb4fca9c8584efbd071a55e3c835d0bf7745ad15

    • Size

      5.1MB

    • MD5

      ebb12ca62bc0813f2da8af2f99f3b8d8

    • SHA1

      dc388c3aba3057e938e03017e9ebb236a92efbca

    • SHA256

      4ab364f06d66e89313e1c8c4cb4fca9c8584efbd071a55e3c835d0bf7745ad15

    • SHA512

      123d3795c84863d90199bc4f669c292cab2b389409a33a70d774bdafa5cb357a5e1e63bca87750ce67e67b452de806a41a2dc1409b89a14a9c3d9a48f73d5b14

    • SSDEEP

      98304:fBHB2pne7a1mN1E8lkcf5YjovKqGYiOE8oLj5jIrHL3GqHqUN:fv1GGE5gyjovK65E8oqjLP3N

    Score
    8/10
    • Blocklisted process makes network request

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits overwrite the MBR so that their code runs before the operating system loads, giving persistence below the OS that reformatting the OS partition does not remove. This signature fires on a raw write to the first sector of a physical disk; disk wipers use the same write to render a machine unbootable, so compare the written bootstrap code and partition table against a known-good copy before concluding that the sample is a bootkit.
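Added example, not part of this sandbox report or its tooling: a Python check that parses a 512-byte MBR sector, validates the 0x55AA boot signature, hashes the bootstrap code and diffs the result against a known-good copy, which is how you would establish what an "MBR write" like the one flagged above actually changed. The sectors used below are constructed inline so the script runs offline; the device paths for a live read (\\.\PhysicalDrive0 on Windows, /dev/sda on Linux, both needing administrator or root rights) are my assumptions, not something the report states.

```python
"""
Added example, not from the sandbox report or its tooling: parse an MBR sector
and diff it against a known-good copy to see what an "MBR write" changed.
Sample sectors are constructed inline so this runs offline; the live-read
device paths in the comments at the bottom are assumptions.
"""
import hashlib
import struct

SECTOR_SIZE = 512
PARTITION_TABLE_OFFSET = 446      # 446 bytes of bootstrap code, then 4 x 16-byte entries
PARTITION_ENTRY = "<B3sB3sII"     # status, CHS start, type, CHS end, LBA start, sector count
BOOT_SIGNATURE = b"\x55\xAA"      # last two bytes of a valid MBR


def build_sample_mbr(bootstrap_fill: bytes) -> bytes:
    """Constructed test data: bootstrap code made of `bootstrap_fill` repeated,
    one bootable NTFS-type (0x07) partition starting at LBA 2048, three empty
    entries and the boot signature."""
    bootstrap = (bootstrap_fill * SECTOR_SIZE)[:PARTITION_TABLE_OFFSET]
    entry = struct.pack(PARTITION_ENTRY, 0x80, b"\x20\x21\x00", 0x07,
                        b"\xFE\xFF\xFF", 2048, 204800)
    table = entry + b"\x00" * (16 * 3)
    return bootstrap + table + BOOT_SIGNATURE


def read_first_sector(device_path: str) -> bytes:
    """Read the MBR from a raw device (administrator/root rights required).
    The read is exactly one sector, so it is aligned for Windows raw-disk handles."""
    with open(device_path, "rb") as dev:
        return dev.read(SECTOR_SIZE)


def parse_mbr(sector: bytes) -> dict:
    """Return boot-signature validity, SHA-256 of the bootstrap code and the
    non-empty partition entries."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("MBR must be exactly %d bytes" % SECTOR_SIZE)
    partitions = []
    for i in range(4):
        off = PARTITION_TABLE_OFFSET + 16 * i
        status, _, ptype, _, lba, count = struct.unpack(
            PARTITION_ENTRY, sector[off:off + 16])
        if ptype == 0:            # partition type 0x00 means the entry is unused
            continue
        partitions.append({"index": i, "bootable": status == 0x80,
                           "type": ptype, "lba_start": lba, "sectors": count})
    return {
        "signature_ok": sector[510:512] == BOOT_SIGNATURE,
        "bootstrap_sha256": hashlib.sha256(
            sector[:PARTITION_TABLE_OFFSET]).hexdigest(),
        "partitions": partitions,
    }


def diff_against_baseline(baseline: bytes, current: bytes) -> list:
    """Compare a sector to a known-good copy; each finding is one string.
    A bootkit typically replaces only the bootstrap code and keeps the partition
    table intact so the machine still boots; a wiper usually destroys both."""
    base, cur = parse_mbr(baseline), parse_mbr(current)
    findings = []
    if not cur["signature_ok"]:
        findings.append("boot signature 0x55AA missing: sector is no longer a valid MBR")
    if base["bootstrap_sha256"] != cur["bootstrap_sha256"]:
        findings.append("bootstrap code changed: %s -> %s" % (
            base["bootstrap_sha256"][:12], cur["bootstrap_sha256"][:12]))
    if base["partitions"] != cur["partitions"]:
        findings.append("partition table changed")
    return findings


if __name__ == "__main__":
    good = build_sample_mbr(b"\x90")              # NOP-filled "known-good" bootstrap
    bootkit_like = build_sample_mbr(b"\xEB\xFE")  # bootstrap replaced, table untouched
    wiped = b"\x00" * SECTOR_SIZE                 # everything zeroed
    for label, sector in (("good", good), ("bootkit-like", bootkit_like), ("wiped", wiped)):
        print(label, diff_against_baseline(good, sector) or ["no change"])
    # Live host instead of constructed data (assumed paths, elevated rights needed):
    #   diff_against_baseline(baseline_from_backup, read_first_sector(r"\\.\PhysicalDrive0"))
    #   diff_against_baseline(baseline_from_backup, read_first_sector("/dev/sda"))
```

Run it against a sector captured from the sandbox disk image (or from a suspect host) with a pre-infection copy as the baseline; a finding that names only the bootstrap code is the bootkit pattern the signature description refers to, while a missing signature plus a changed partition table points at a wiper.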

MITRE ATT&CK Matrix (ATT&CK v6)

  Tactic        Technique                      Count  ID
  Persistence   Bootkit                        1      T1067
  Discovery     System Information Discovery   1      T1082

  T1067 is the ATT&CK v6 identifier for Bootkit; in current ATT&CK it is deprecated and the behaviour is covered by T1542.003 (Pre-OS Boot: Bootkit). T1082 is unchanged.
