a8b816e969bbb052ac822e0dcd4ef7021dd0e14bde5a17e58f9756cfd4209746 | Triage

Sharing

General

Target

CS16Launcher.exe
Size

219KB
Sample

230331-2t82hafe2x
MD5

002569d719a892cefdee47b40fb9de9d
SHA1

c87baaf1db6f143eafceafb0e10be366a729cff7
SHA256

a8b816e969bbb052ac822e0dcd4ef7021dd0e14bde5a17e58f9756cfd4209746
SHA512

00f19ef8b9ef56a889f31896bfba7171bb43e48a2fc2d514a38952c6d1ce122b53a516b2425cd2ff2313f2aec834bf5a438450cb12248719200bfce89e128321
SSDEEP

3072:IBYyRU+jcz36agJ2uSpbYRMGN39N07SMPGEJegpihsYtbssOmxD8X9r+fJb6u:IBYvpL6agJ2uMYrNUhJ5E5wW+u

Score

8^/10

bootkit persistence

Malware Config

Targets

- Target
  
  CS16Launcher.exe
- Size
  
  219KB
- MD5
  
  002569d719a892cefdee47b40fb9de9d
- SHA1
  
  c87baaf1db6f143eafceafb0e10be366a729cff7
- SHA256
  
  a8b816e969bbb052ac822e0dcd4ef7021dd0e14bde5a17e58f9756cfd4209746
- SHA512
  
  00f19ef8b9ef56a889f31896bfba7171bb43e48a2fc2d514a38952c6d1ce122b53a516b2425cd2ff2313f2aec834bf5a438450cb12248719200bfce89e128321
- SSDEEP
  
  3072:IBYyRU+jcz36agJ2uSpbYRMGN39N07SMPGEJegpihsYtbssOmxD8X9r+fJb6u:IBYvpL6agJ2uMYrNUhJ5E5wW+u
Score

8^/10

bootkit persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence