6fcd7640e0a6d96401dc81d4ac5c14c61a13eac265b5cda2e75d654735e5bf03 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6fcd7640e0a6d96401dc81d4ac5c14c61a13eac265b5cda2e75d654735e5bf03
Size

6KB
Sample

231010-njs1msda7z
MD5

ae58ad17509c17212d20e8a34b6182de
SHA1

2d2eabecd2a2c4b653716dabd018283e3b5915d3
SHA256

6fcd7640e0a6d96401dc81d4ac5c14c61a13eac265b5cda2e75d654735e5bf03
SHA512

5e1a69b9ccf498aa061be6f168f299728990b13888bc0a4a03193f74af50c1c5e6bf51dbc6d52d1f16ffcc8d15d3992f5b87f343aa0a198268b6bdc54869d8b8
SSDEEP

48:6+awjGQxerPYi4BylGo7DPPCBqv5e0hIBo7PDcVNM4DzdR60VP5MTbKbvfvitiOu:xerP7zPocH7bcjblP+TcCB732eNU

Score

7^/10

bootkit persistence

Malware Config

Targets

- Target
  
  6fcd7640e0a6d96401dc81d4ac5c14c61a13eac265b5cda2e75d654735e5bf03
- Size
  
  6KB
- MD5
  
  ae58ad17509c17212d20e8a34b6182de
- SHA1
  
  2d2eabecd2a2c4b653716dabd018283e3b5915d3
- SHA256
  
  6fcd7640e0a6d96401dc81d4ac5c14c61a13eac265b5cda2e75d654735e5bf03
- SHA512
  
  5e1a69b9ccf498aa061be6f168f299728990b13888bc0a4a03193f74af50c1c5e6bf51dbc6d52d1f16ffcc8d15d3992f5b87f343aa0a198268b6bdc54869d8b8
- SSDEEP
  
  48:6+awjGQxerPYi4BylGo7DPPCBqv5e0hIBo7PDcVNM4DzdR60VP5MTbKbvfvitiOu:xerP7zPocH7bcjblP+TcCB732eNU
Score

7^/10

bootkit persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence