28fe69ff25ddcc1c0c5b0be3979f82ad13a6bd77d8815952ef5b3b8b857b8556 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

703af27819ab55e5abdcb5ade128d24c
Size

136KB
Sample

231226-p6myksfdg6
MD5

703af27819ab55e5abdcb5ade128d24c
SHA1

1379e079ea0aee003e930414c8e3db9091a5c1b6
SHA256

28fe69ff25ddcc1c0c5b0be3979f82ad13a6bd77d8815952ef5b3b8b857b8556
SHA512

8dd345b453c0b76fbe4768b782e7e1200a4819b5d397f24c9184d184954def44ae911d99f7f2794f9cc30d3088dd6ef24016cebb50b1e8cf897b5a6ce4e6d75b
SSDEEP

3072:uM9kBGH9dnwCKaWlp+9Gic6DX57EFrX8oRUS/qx2TPvd5E7A/E:l9YGH9pwCilc9Gic6EFrXTTu2TndVE

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  Joint_Task_serials_key_by_ACME.exe
- Size
  
  148KB
- MD5
  
  068af7cdec17c93592253f7dba0145f0
- SHA1
  
  7ab2e7bb8fea8f0b4071699211601cb63eb8f53f
- SHA256
  
  defe89e06d5c081095636314fde11d852c89c943346b2b846494f63fc3faa12f
- SHA512
  
  6338839a6ac6909ac184b4e49cf06f8e44114b80f4fa3f6c9b9dd0b85c8ac3a78fe5cdab5acc88712643b3e04c97878b20ea1def22bf612c73980ac2a019660a
- SSDEEP
  
  3072:Gr8+zm+lJDhQ1RcOb/cc9Ku49BRXJ7aD6DX57EFrX8oRUS5o+N86dR:S6cOR9Ku49X5eD6EFrXTT5o+N8Y
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2