8c5002e3b88f478d1420de7cabec2363b0c104920d0e45c1a090537ba4aaccb1 | Triage

Sharing

General

Target

8c5002e3b88f478d1420de7cabec2363b0c104920d0e45c1a090537ba4aaccb1
Size

5.0MB
Sample

230330-ey4k9ace3z
MD5

4715cea773f5968b3bc71865bd2d75f2
SHA1

cccf459bb10ac4b90ddb87436245d927b657ce8e
SHA256

8c5002e3b88f478d1420de7cabec2363b0c104920d0e45c1a090537ba4aaccb1
SHA512

cef4cc50e013d97d496b68aaddc7d9fce076805bb4074fd008a976ab292ce19147aec88736fd7ee17482d50fc0d297eba738bfa2a2ca2e949f924dd0150fa047
SSDEEP

98304:Xapmrmc2lAu88lkcf5YjovKqGYiOE8oLj5kI4rRev+3:XzmZlq5gyjovK65E8obHW3

Score

8^/10

bootkit persistence

Malware Config

Targets

- Target
  
  8c5002e3b88f478d1420de7cabec2363b0c104920d0e45c1a090537ba4aaccb1
- Size
  
  5.0MB
- MD5
  
  4715cea773f5968b3bc71865bd2d75f2
- SHA1
  
  cccf459bb10ac4b90ddb87436245d927b657ce8e
- SHA256
  
  8c5002e3b88f478d1420de7cabec2363b0c104920d0e45c1a090537ba4aaccb1
- SHA512
  
  cef4cc50e013d97d496b68aaddc7d9fce076805bb4074fd008a976ab292ce19147aec88736fd7ee17482d50fc0d297eba738bfa2a2ca2e949f924dd0150fa047
- SSDEEP
  
  98304:Xapmrmc2lAu88lkcf5YjovKqGYiOE8oLj5kI4rRev+3:XzmZlq5gyjovK65E8obHW3
Score

8^/10

bootkit persistence
- Blocklisted process makes network request
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2