dbae69266b5cd2ac0424d64ff65d2a4e48e4d16f534dad5cc27e3a67ee60a392 | Triage

Sharing

General

Target

6a74aa78d1802cd22d0ebfa338279470
Size

440KB
Sample

231226-ngl5bacdhn
MD5

6a74aa78d1802cd22d0ebfa338279470
SHA1

bc04ea136856e31f2333022ed2092916969ba214
SHA256

dbae69266b5cd2ac0424d64ff65d2a4e48e4d16f534dad5cc27e3a67ee60a392
SHA512

6c1855b066c23c6ee137216810db39b3da752c96009b8c6d7d4cdc73a715ab2d07509121e3c6037f457bdf348644951e08940a1a5567ad16f87f6c8baeb6bc51
SSDEEP

12288:KgTrA1Vs5JjEOgI2UMkLwS7fqTm7Tp/MlmrRpHQJ9:zTrAU5JoOgIx7pkYdi

Score

7^/10

bootkit persistence

Malware Config

Targets

- Target
  
  6a74aa78d1802cd22d0ebfa338279470
- Size
  
  440KB
- MD5
  
  6a74aa78d1802cd22d0ebfa338279470
- SHA1
  
  bc04ea136856e31f2333022ed2092916969ba214
- SHA256
  
  dbae69266b5cd2ac0424d64ff65d2a4e48e4d16f534dad5cc27e3a67ee60a392
- SHA512
  
  6c1855b066c23c6ee137216810db39b3da752c96009b8c6d7d4cdc73a715ab2d07509121e3c6037f457bdf348644951e08940a1a5567ad16f87f6c8baeb6bc51
- SSDEEP
  
  12288:KgTrA1Vs5JjEOgI2UMkLwS7fqTm7Tp/MlmrRpHQJ9:zTrAU5JoOgIx7pkYdi
Score

7^/10

bootkit persistence
- Executes dropped EXE
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2