bd4634c411ba8bb4a42379c7d5c16784ba6c292982f7ef5fe0a87c76a2dbcc70 | Triage

Sharing

General

Target

2023-08-25_de8bc935a263ee8567b6169b67ba3874_xiaoba_JC.exe
Size

700KB
Sample

231013-zlkb3ahg5v
MD5

de8bc935a263ee8567b6169b67ba3874
SHA1

9f138671b9cc434926dfef1c6a20ee335648b6b8
SHA256

bd4634c411ba8bb4a42379c7d5c16784ba6c292982f7ef5fe0a87c76a2dbcc70
SHA512

cab46fbf52b22d1c32a854a55e2c71fee1c8eb5e5627530395a0962f576b9025160c4a67deab30f3427d8f1bcb82dc87579f76a4f36d813e539a5c0dc47b99b3
SSDEEP

12288:rSqIYTIQfKpkPvH70o3osXW8QB2qdyfzUEEDd9QygxDms:SQgwposm8QfWwEEDYygx

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  2023-08-25_de8bc935a263ee8567b6169b67ba3874_xiaoba_JC.exe
- Size
  
  700KB
- MD5
  
  de8bc935a263ee8567b6169b67ba3874
- SHA1
  
  9f138671b9cc434926dfef1c6a20ee335648b6b8
- SHA256
  
  bd4634c411ba8bb4a42379c7d5c16784ba6c292982f7ef5fe0a87c76a2dbcc70
- SHA512
  
  cab46fbf52b22d1c32a854a55e2c71fee1c8eb5e5627530395a0962f576b9025160c4a67deab30f3427d8f1bcb82dc87579f76a4f36d813e539a5c0dc47b99b3
- SSDEEP
  
  12288:rSqIYTIQfKpkPvH70o3osXW8QB2qdyfzUEEDd9QygxDms:SQgwposm8QfWwEEDYygx
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence