61a8a4a365edf225943d7fb5f27827c7730df5c34189e2dac1f5f23c089f79dd | Triage

Sharing

General

Target

61a8a4a365edf225943d7fb5f27827c7730df5c34189e2dac1f5f23c089f79dd
Size

5.8MB
Sample

230616-2yd2xshb72
MD5

a667b2dd0089600c4106fcc5e2d215c0
SHA1

e226aaca862224f6cc8348accf3b4464e0ad3741
SHA256

61a8a4a365edf225943d7fb5f27827c7730df5c34189e2dac1f5f23c089f79dd
SHA512

a2c27b4c42d99ebbe1c3a35c268922b2e613abf491cbee32de13ff79340c54d3ecfb157e56f27f99e2c08fbe0b68d459616d8e36c85a168fff36d490f6d23944
SSDEEP

98304:zX55fiwwWVfqPGCPG0Z2Hb57nVuUikaH5gBxNEjYS2/+:zuww3Zab57nPraH2rNEjYSW+

Score

7^/10

bootkit persistence

Malware Config

Targets

- Target
  
  61a8a4a365edf225943d7fb5f27827c7730df5c34189e2dac1f5f23c089f79dd
- Size
  
  5.8MB
- MD5
  
  a667b2dd0089600c4106fcc5e2d215c0
- SHA1
  
  e226aaca862224f6cc8348accf3b4464e0ad3741
- SHA256
  
  61a8a4a365edf225943d7fb5f27827c7730df5c34189e2dac1f5f23c089f79dd
- SHA512
  
  a2c27b4c42d99ebbe1c3a35c268922b2e613abf491cbee32de13ff79340c54d3ecfb157e56f27f99e2c08fbe0b68d459616d8e36c85a168fff36d490f6d23944
- SSDEEP
  
  98304:zX55fiwwWVfqPGCPG0Z2Hb57nVuUikaH5gBxNEjYS2/+:zuww3Zab57nPraH2rNEjYSW+
Score

7^/10

bootkit persistence
- Executes dropped EXE
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Bootkit

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence