43b0b16378daf16dfa22dc17f6ad57d02dc4018833105fbeb1332ad323c332d7 | Triage

Sharing

General

Target

6f6404f102c6f83554df64bc9be9f2c1
Size

328KB
Sample

231226-px5r2aeaa7
MD5

6f6404f102c6f83554df64bc9be9f2c1
SHA1

e96f7382514392b24868d36dd04ed3a75af1475a
SHA256

43b0b16378daf16dfa22dc17f6ad57d02dc4018833105fbeb1332ad323c332d7
SHA512

4046c58bd4a03e34026f8c637b5e6a6906ba65021b1a60a076436cd71e916b37201bc9b6e9081933b403311f916a97738436b0d64e23e5da581ca7a3930b0ba5
SSDEEP

6144:lJ8glSHPNKuJzT1on9UW+K1DUT0Feilsv98gWNlPTGQQm6agrdnMGf:l0VKUT1on7wTvI7NtTirdnV

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  6f6404f102c6f83554df64bc9be9f2c1
- Size
  
  328KB
- MD5
  
  6f6404f102c6f83554df64bc9be9f2c1
- SHA1
  
  e96f7382514392b24868d36dd04ed3a75af1475a
- SHA256
  
  43b0b16378daf16dfa22dc17f6ad57d02dc4018833105fbeb1332ad323c332d7
- SHA512
  
  4046c58bd4a03e34026f8c637b5e6a6906ba65021b1a60a076436cd71e916b37201bc9b6e9081933b403311f916a97738436b0d64e23e5da581ca7a3930b0ba5
- SSDEEP
  
  6144:lJ8glSHPNKuJzT1on9UW+K1DUT0Feilsv98gWNlPTGQQm6agrdnMGf:l0VKUT1on7wTvI7NtTirdnV
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2