27041386d1264ff4bf94409000f5d35324253a56af763b4972070d15c7461244 | Triage

Sharing

General

Target

30a92f3eacbc6a33c7dcf1f4eb9e5d96
Size

723KB
Sample

231225-vywhmsdehq
MD5

30a92f3eacbc6a33c7dcf1f4eb9e5d96
SHA1

0a69f819155b995d69fa3c1c9cd032255ccf9526
SHA256

27041386d1264ff4bf94409000f5d35324253a56af763b4972070d15c7461244
SHA512

194b091a096aa20c97cd46473de3aa04c55ff85b704b9157c792efa024abdcb92f9cb582c446a899d10ea0b3e5c91e3f31b91c66c54d7cbd7a7c999f454ef05d
SSDEEP

12288:Xt9v5UZIvX41qVb0xxOSDjld1oBRXjIjbrmTOgZ/ze/lJ:Xt9O4wm0xxOOrOR+mTt/8J

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  30a92f3eacbc6a33c7dcf1f4eb9e5d96
- Size
  
  723KB
- MD5
  
  30a92f3eacbc6a33c7dcf1f4eb9e5d96
- SHA1
  
  0a69f819155b995d69fa3c1c9cd032255ccf9526
- SHA256
  
  27041386d1264ff4bf94409000f5d35324253a56af763b4972070d15c7461244
- SHA512
  
  194b091a096aa20c97cd46473de3aa04c55ff85b704b9157c792efa024abdcb92f9cb582c446a899d10ea0b3e5c91e3f31b91c66c54d7cbd7a7c999f454ef05d
- SSDEEP
  
  12288:Xt9v5UZIvX41qVb0xxOSDjld1oBRXjIjbrmTOgZ/ze/lJ:Xt9O4wm0xxOOrOR+mTt/8J
Score

6^/10

bootkit persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence