64958959324fadb7b0ef58c89464bf652f00fd2c01e3301dae2514e41865203d | Triage

Resubmissions

13/10/2023, 23:39

231013-3njebsgh23 7

13/10/2023, 23:33

231013-3jzwhsgg73 6

Sharing

General

Target

steam_appid.txt
Size

7B
Sample

231013-3jzwhsgg73
MD5

5f62f86ea8d73ea50ccfbd23a2de64d4
SHA1

b5fad218868428794a8e9e6ad2f2982e79d00309
SHA256

64958959324fadb7b0ef58c89464bf652f00fd2c01e3301dae2514e41865203d
SHA512

cfdf8691a13c19a7efccc5ea300e114bf309fbe8db37c2406d48d4b1354780ccd6d78e988d9589b604c7a61e6da201af8c685b4e571ec6f5ccb9de2756be25d4

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  steam_appid.txt
- Size
  
  7B
- MD5
  
  5f62f86ea8d73ea50ccfbd23a2de64d4
- SHA1
  
  b5fad218868428794a8e9e6ad2f2982e79d00309
- SHA256
  
  64958959324fadb7b0ef58c89464bf652f00fd2c01e3301dae2514e41865203d
- SHA512
  
  cfdf8691a13c19a7efccc5ea300e114bf309fbe8db37c2406d48d4b1354780ccd6d78e988d9589b604c7a61e6da201af8c685b4e571ec6f5ccb9de2756be25d4
Score

6^/10

bootkit persistence
- Legitimate hosting services abused for malware hosting/C2
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence