bbafe8444c662de8c9100fe202daddab5452cb8306ebb9571f2fed3018111025 | Triage

Submit
Reports

Overview

overview

6

Static

static

1

sample.js

windows10-2004-x64

sample.js

macos-10.15-amd64

Resubmissions

02-04-2023 13:04

230402-qa9m5shg2x 1

02-04-2023 12:57

230402-p7e95ahf9x 6

02-04-2023 12:51

230402-p3p9jagd39 1

Sharing

General

Target

sample
Size

13KB
Sample

230402-p7e95ahf9x
MD5

1212b023dbaa2d445977844278307e8b
SHA1

e5a7f1bd2fd3f4d53c333443a2dba7ebfc9b5a2e
SHA256

bbafe8444c662de8c9100fe202daddab5452cb8306ebb9571f2fed3018111025
SHA512

aa545486fb752954b1751d0f30256b33d613a3c683b49a6262360969d14517446b1c1600f957f5ddeff505b09a0e0da8ebb04fa6d5444c2b4e19a13e0625ab3a
SSDEEP

384:rDoVGuzeVoOsKWElKeGMhUhHhhbkHs28rtGi:reGuCVoOsKZI1MCBhbGirR

Score

6^/10

bootkit macos persistence

Static task

static1

Behavioral task

behavioral1

Sample

sample.js

Resource

win10v2004-20230220-en

bootkit persistence

windows10-2004-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

sample.js

Resource

macos-20220504-en

macos-10.15-amd64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  sample
- Size
  
  13KB
- MD5
  
  1212b023dbaa2d445977844278307e8b
- SHA1
  
  e5a7f1bd2fd3f4d53c333443a2dba7ebfc9b5a2e
- SHA256
  
  bbafe8444c662de8c9100fe202daddab5452cb8306ebb9571f2fed3018111025
- SHA512
  
  aa545486fb752954b1751d0f30256b33d613a3c683b49a6262360969d14517446b1c1600f957f5ddeff505b09a0e0da8ebb04fa6d5444c2b4e19a13e0625ab3a
- SSDEEP
  
  384:rDoVGuzeVoOsKWElKeGMhUhHhhbkHs28rtGi:reGuCVoOsKZI1MCBhbGirR
Score

6^/10

bootkit persistence
- Drops desktop.ini file(s)
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

© 2018-2024

Terms | Privacy