3c5bffb308aa9f93f56b4307ff54a68d08e3b1d5f1d17a274c0210fe345f0d34 | Triage

Sharing

General

Target

77600a9440e3344a218823240895d457
Size

725KB
Sample

231226-scea5abeh5
MD5

77600a9440e3344a218823240895d457
SHA1

36420878dd391c4a08b9cb3e02413122aa71412a
SHA256

3c5bffb308aa9f93f56b4307ff54a68d08e3b1d5f1d17a274c0210fe345f0d34
SHA512

e099d3a282c7af8e102a38dc0b4eff50b19aa224feb8c67ca6d532ccdbe292572e261d877cf52a22ccb2e39f69c70c9ddcd452e8e80bbc78e73ea5bda7d0af6e
SSDEEP

12288:1t9v5UZIvX41qVb0xxOSDjld1pBRXjIjb45Xuu/pBvJa:1t9O4wm0xxOOrHRTnNJa

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  77600a9440e3344a218823240895d457
- Size
  
  725KB
- MD5
  
  77600a9440e3344a218823240895d457
- SHA1
  
  36420878dd391c4a08b9cb3e02413122aa71412a
- SHA256
  
  3c5bffb308aa9f93f56b4307ff54a68d08e3b1d5f1d17a274c0210fe345f0d34
- SHA512
  
  e099d3a282c7af8e102a38dc0b4eff50b19aa224feb8c67ca6d532ccdbe292572e261d877cf52a22ccb2e39f69c70c9ddcd452e8e80bbc78e73ea5bda7d0af6e
- SSDEEP
  
  12288:1t9v5UZIvX41qVb0xxOSDjld1pBRXjIjb45Xuu/pBvJa:1t9O4wm0xxOOrHRTnNJa
Score

6^/10

bootkit persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence