72812fbf4ae87c8513fe9df88a6a28c78bb5211d13dc318e7f31e9ba22d4cd41 | Triage

Sharing

General

Target

32d8d8e04fa3817422e864b0364933c3
Size

1.5MB
Sample

231225-wlevssbcf2
MD5

32d8d8e04fa3817422e864b0364933c3
SHA1

8df08b61369e1397f19b962f5db648de5b60da26
SHA256

72812fbf4ae87c8513fe9df88a6a28c78bb5211d13dc318e7f31e9ba22d4cd41
SHA512

3279745f95f7be42d8acb8529db077eb223661d06898aad4da028e7300c49276d0502c62e94c6e6e41f12208182e8264b5e229b5cf3fbe165c14f533a1ed9af6
SSDEEP

24576:d//ccXtciIb1yqpYxfmpFcJk8LyFuo2Zs5WKvk0bq1tz1FXae:dccdciUMlukvouZ6M1z3

Score

7^/10

bootkit persistence

Malware Config

Targets

- Target
  
  32d8d8e04fa3817422e864b0364933c3
- Size
  
  1.5MB
- MD5
  
  32d8d8e04fa3817422e864b0364933c3
- SHA1
  
  8df08b61369e1397f19b962f5db648de5b60da26
- SHA256
  
  72812fbf4ae87c8513fe9df88a6a28c78bb5211d13dc318e7f31e9ba22d4cd41
- SHA512
  
  3279745f95f7be42d8acb8529db077eb223661d06898aad4da028e7300c49276d0502c62e94c6e6e41f12208182e8264b5e229b5cf3fbe165c14f533a1ed9af6
- SSDEEP
  
  24576:d//ccXtciIb1yqpYxfmpFcJk8LyFuo2Zs5WKvk0bq1tz1FXae:dccdciUMlukvouZ6M1z3
Score

7^/10

bootkit persistence
- Executes dropped EXE
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence