303477747302b2d6f7e0ca3e7b3bf00493ffa6543da195c26cfa1a5e2b79ec6c | Triage

Sharing

General

Target

vocron.zip
Size

746KB
Sample

231029-fhahxagd49
MD5

31fd48a3050f46f0f6d596139f654381
SHA1

9dee3e0f73b70861272671b196ff047f5ed29b0c
SHA256

303477747302b2d6f7e0ca3e7b3bf00493ffa6543da195c26cfa1a5e2b79ec6c
SHA512

ba54cc28016a098766801fda543e011d565dd0759675cbbd50940f0c0e6093a8e530e23b70aedf3cf5a344d900a1a55267e39eadbe6b19e9dba18f3031ddfcd0
SSDEEP

12288:Adcm8n+Rk+/pLBYCujZJYIwc1stOlUgRhbRFgwP0QLHXgOPjLRgr1:AC+RXLBpAWABhvghQbwOPj+1

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  Roentgenium.exe
- Size
  
  242KB
- MD5
  
  2beb2b6e43c116c7dcee6422c2f9336a
- SHA1
  
  00a9e9692a5fb702f9af849ad54e2c2c2cbc2922
- SHA256
  
  4bb94cf51bee6e55a2adf0107562d5e8076fc863f3e6610355aed39e040ce466
- SHA512
  
  0f493b69c9da32fc3d2f3dd36fa7b533b277f1418dc5b47ab1d48fe238a16cd15e8d8f9bb9086439c660bc2ec9a2dd5cf6fae625992344976c854c2c7eabb661
- SSDEEP
  
  1536:Iev1XT3NWs5LFtyQJDE34ESFBp/BL8gZYJ5BsKs6KwS27VlGdDXiSL:D1zx5L7c4ES7pBQjJ5BE6fSElGJtL
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence