619cae7b392d41714796d7d0ebc3b78fb67420fbda075cb2971cdb0640f8ae85 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

039b9e91e0cbf43c354b818eb461bf8c
Size

1021KB
Sample

231225-eadpxsdac5
MD5

039b9e91e0cbf43c354b818eb461bf8c
SHA1

9b5e5e2dde898d4559e733976a6662605ee0dd30
SHA256

619cae7b392d41714796d7d0ebc3b78fb67420fbda075cb2971cdb0640f8ae85
SHA512

e43fb8f2ece12fec197bb97b094d7c73ec503dc0239d20abaf56930a0ab923e0ada6d7c4e567cd805900bb3d658f0fdeb4edb17b038be620df063af0a0132244
SSDEEP

24576:x0sRwMRDmkAp7vOv3TVx3DNZTxOJ/hbtTI5PgK2Zq:DwMRD6E3TVxRZGDTuIZZq

Score

7^/10

bootkit persistence

Malware Config

Targets

- Target
  
  039b9e91e0cbf43c354b818eb461bf8c
- Size
  
  1021KB
- MD5
  
  039b9e91e0cbf43c354b818eb461bf8c
- SHA1
  
  9b5e5e2dde898d4559e733976a6662605ee0dd30
- SHA256
  
  619cae7b392d41714796d7d0ebc3b78fb67420fbda075cb2971cdb0640f8ae85
- SHA512
  
  e43fb8f2ece12fec197bb97b094d7c73ec503dc0239d20abaf56930a0ab923e0ada6d7c4e567cd805900bb3d658f0fdeb4edb17b038be620df063af0a0132244
- SSDEEP
  
  24576:x0sRwMRDmkAp7vOv3TVx3DNZTxOJ/hbtTI5PgK2Zq:DwMRD6E3TVxRZGDTuIZZq
Score

7^/10

bootkit persistence
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence