315d80280782910fda3f77eb51f914c2eeb150ac5639bfed2f0f759c6b1c690d | Triage

Sharing

General

Target

315d80280782910fda3f77eb51f914c2eeb150ac5639bfed2f0f759c6b1c690d_JC.rar
Size

118KB
Sample

230826-rnkfvacf91
MD5

639d538d871b7ce5590d46c8e13f48b9
SHA1

799cbcc23d84b269b6e54394c36044ea1aa6c670
SHA256

315d80280782910fda3f77eb51f914c2eeb150ac5639bfed2f0f759c6b1c690d
SHA512

412272b906eb7e3d76636d21fcf398871bed5c075ba559fc8e160b0868160fd7b3f53c1ebd2c92333a47536b8024704f64753efa1e42f28cb3c54e81708a3d6b
SSDEEP

3072:pifrrky9mhTTiZrqleftQHMqfxE/ZbQs8m3C50o:pif3kKmhTT1leftQHrxAQs8m3Y

Score

8^/10

bootkit persistence

Malware Config

Targets

- Target
  
  lxve_b_Y___(2674).cmd
- Size
  
  887B
- MD5
  
  c8c34c53b085173c76dc125fbdb740a0
- SHA1
  
  d257fa127e4c1e5530360ba9f477fa6c16dafa93
- SHA256
  
  387751f74dc3c6fd0242cf739b1f1455c2ed7fb98d522b4e8956878439dd0064
- SHA512
  
  7caf7b1d5d185d7c3c457aa2b1ceec3e1c28d162ba47496337df843632b8790f9a1df0ab7c7a23f61aa5c2fc4c360f2543cf63a5621d414af6c4fef096f7c73c
Score

1^/10
behavioral1 behavioral2
- Target
  
  ~
- Size
  
  256KB
- MD5
  
  56354f6191810e362bf2ae7b3f6e82b4
- SHA1
  
  98260eb9dbec4ef777939937b4ca797ac336e3ff
- SHA256
  
  95c16c2f74bfe9878117d341d4b259c5327f87fc10e8407b27e9a905aff0ac11
- SHA512
  
  fb40abe4838e4026a4b1c826566454ff181e68bf7f7929777f2ea63e55a8242c65f12dffb274e8c46f5f1bcb7f42661c41e7b2a62ed39050814a45de54ab8b30
- SSDEEP
  
  6144:bCfHrZae3GFqRQcMeh4WpywpjchNCPnAeb:bCfLZadcM24fRNXe
Score

8^/10

bootkit persistence
- Downloads MZ/PE file
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Pre-OS Boot

Bootkit

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

bootkitpersistence

behavioral4

bootkitpersistence