2aca43ead199cfc9802663949cdbc4955e3f46960c6a5c38a5ebcb9df80a5b13 | Triage

Sharing

General

Target

2aca43ead199cfc9802663949cdbc4955e3f46960c6a5c38a5ebcb9df80a5b13
Size

6.4MB
Sample

231115-n1n31sbh7v
MD5

b0922e40b8ed591cb46ed85f1f63e740
SHA1

264106417574edfe7cb6d6ea625e6667ff64ed29
SHA256

2aca43ead199cfc9802663949cdbc4955e3f46960c6a5c38a5ebcb9df80a5b13
SHA512

a034f95485dfc9f44e9a469e59ab1100ff2c7f21a01d732b090de3cd8311aa480d3d30483fb52f921061516b61b321fb6d30ba88f7fae4f336c5e94e47bf3d22
SSDEEP

98304:/FE1KzAgvla8lJvjzcln+vUEjI7pclWSV7SxyqxrO:/EKzVvpvvclnDpeaO

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  2aca43ead199cfc9802663949cdbc4955e3f46960c6a5c38a5ebcb9df80a5b13
- Size
  
  6.4MB
- MD5
  
  b0922e40b8ed591cb46ed85f1f63e740
- SHA1
  
  264106417574edfe7cb6d6ea625e6667ff64ed29
- SHA256
  
  2aca43ead199cfc9802663949cdbc4955e3f46960c6a5c38a5ebcb9df80a5b13
- SHA512
  
  a034f95485dfc9f44e9a469e59ab1100ff2c7f21a01d732b090de3cd8311aa480d3d30483fb52f921061516b61b321fb6d30ba88f7fae4f336c5e94e47bf3d22
- SSDEEP
  
  98304:/FE1KzAgvla8lJvjzcln+vUEjI7pclWSV7SxyqxrO:/EKzVvpvvclnDpeaO
Score

6^/10

bootkit persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence