9b73a07c36f996b04968b61ca06da40109824f03b304267828e44c4fdd836cee | Triage

Sharing

General

Target

NSPack.exe
Size

630KB
Sample

231011-pfdl8aef7z
MD5

55d8296cf5bf2252857879003ee52390
SHA1

606d44f7c9492272ba6be28b82dec781091b7882
SHA256

9b73a07c36f996b04968b61ca06da40109824f03b304267828e44c4fdd836cee
SHA512

a0920234ea46ac07211a18ee93f46e77c21d1ba0e2627249d030b675370235573a22c176899f424b5188084b71e5538e392992436f72a75f635b48cb9b14fd46
SSDEEP

12288:dacx/ikb7gjxG6gLjUMlqDGGSGupSj8VbNtTirdS+V:dacx/iymxG66j0DGG2XVLTEdS6

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  NSPack.exe
- Size
  
  630KB
- MD5
  
  55d8296cf5bf2252857879003ee52390
- SHA1
  
  606d44f7c9492272ba6be28b82dec781091b7882
- SHA256
  
  9b73a07c36f996b04968b61ca06da40109824f03b304267828e44c4fdd836cee
- SHA512
  
  a0920234ea46ac07211a18ee93f46e77c21d1ba0e2627249d030b675370235573a22c176899f424b5188084b71e5538e392992436f72a75f635b48cb9b14fd46
- SSDEEP
  
  12288:dacx/ikb7gjxG6gLjUMlqDGGSGupSj8VbNtTirdS+V:dacx/iymxG66j0DGG2XVLTEdS6
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2