General

  • Target

    0d8d3928e5f3952acd078a8b3b34fd34fc61cdee2ff82c9da2bfb98c6bb701f5

  • Size

    25MB

  • Sample

    230330-h3gh3ach8y

  • MD5

    d26dc1596949eb18a796a336bd9ccfae

  • SHA1

    b2f5ca9fcc2b9b094d90fd218b58811d40a0a1a1

  • SHA256

    0d8d3928e5f3952acd078a8b3b34fd34fc61cdee2ff82c9da2bfb98c6bb701f5

  • SHA512

    903c44fbc4a2bfb13a0b71724550dd3780c209f448123e4691f0ff1dfa837ea7c3e117f67e089e62293770220124aa0161e0663bd3ef2a7f17491edcf4bc71ea

  • SSDEEP

    786432:7jGT5rmZkvv5Ki6ZNDRLPjqLBeYPWEiR4mEAnG4f3V:7jG1mZkhqNLPmLMu7a/EA9t

Score
7/10

Malware Config

Targets

    • Loads dropped DLL

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Matrix ATT&CK v6

  • Persistence

    Bootkit: T1067 (1)

  • Discovery

    System Information Discovery: T1082 (2)

    Query Registry: T1012 (1)

Tasks