92a24a597c97a5df375e35ed594d65b45f491eac313d69f734813d9530ad3f0b | Triage

Sharing

General

Target

2ddbeb47f7f4b53c2dea13800d049589
Size

341KB
Sample

231225-t6n8vsgecr
MD5

2ddbeb47f7f4b53c2dea13800d049589
SHA1

9d64f1e7ec95557bdf90c6a8fd7a61929c303a9a
SHA256

92a24a597c97a5df375e35ed594d65b45f491eac313d69f734813d9530ad3f0b
SHA512

e62bb503b3d1fb95bba6d0a37a10327f93023e136ad4c63691c4a45cc15a18453d61a7dd3f63dfd0227d396b87b36e458196ba3657f00db23e37385c1c4eaa7a
SSDEEP

6144:VfZ/nwzIhoZib9i0ju9BKVoEZUWMQUdiWin+8bomw4EfiUEcY:VfpPOZiBiq3zx9Yinvb4VG

Score

7^/10

bootkit persistence upx

Malware Config

Targets

- Target
  
  2ddbeb47f7f4b53c2dea13800d049589
- Size
  
  341KB
- MD5
  
  2ddbeb47f7f4b53c2dea13800d049589
- SHA1
  
  9d64f1e7ec95557bdf90c6a8fd7a61929c303a9a
- SHA256
  
  92a24a597c97a5df375e35ed594d65b45f491eac313d69f734813d9530ad3f0b
- SHA512
  
  e62bb503b3d1fb95bba6d0a37a10327f93023e136ad4c63691c4a45cc15a18453d61a7dd3f63dfd0227d396b87b36e458196ba3657f00db23e37385c1c4eaa7a
- SSDEEP
  
  6144:VfZ/nwzIhoZib9i0ju9BKVoEZUWMQUdiWin+8bomw4EfiUEcY:VfpPOZiBiq3zx9Yinvb4VG
Score

7^/10

bootkit persistence upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Pre-OS Boot

Bootkit

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistenceupx

behavioral2

bootkitpersistenceupx