8765d33fc496039ed8b04ee930b9b0480af47a732a735fa7eb41748f9f12a99f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7f77f9fc89f3f02f52d71259841f8877
Size

431KB
Sample

231226-vq21fshch4
MD5

7f77f9fc89f3f02f52d71259841f8877
SHA1

50d55d26b782ac20e2d6c61cb9782df523a9e003
SHA256

8765d33fc496039ed8b04ee930b9b0480af47a732a735fa7eb41748f9f12a99f
SHA512

2e2f49a4a13c763c4c7e368cff16bfca6df2ab00c87ed3c54f1b198e0eec0a1c5317c3b9bbbb0a396763abacaffd7d4de4b634346ee383385fa5bfb03bf8a59e
SSDEEP

6144:JD4uvgXJ1m8IAEP7DHN8/r0zdP+LrzecXDnff9JBOsi1wFWVwFpza:J0uvgX2LP7dP+LrScXjff9JBOKWVwFpm

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  7f77f9fc89f3f02f52d71259841f8877
- Size
  
  431KB
- MD5
  
  7f77f9fc89f3f02f52d71259841f8877
- SHA1
  
  50d55d26b782ac20e2d6c61cb9782df523a9e003
- SHA256
  
  8765d33fc496039ed8b04ee930b9b0480af47a732a735fa7eb41748f9f12a99f
- SHA512
  
  2e2f49a4a13c763c4c7e368cff16bfca6df2ab00c87ed3c54f1b198e0eec0a1c5317c3b9bbbb0a396763abacaffd7d4de4b634346ee383385fa5bfb03bf8a59e
- SSDEEP
  
  6144:JD4uvgXJ1m8IAEP7DHN8/r0zdP+LrzecXDnff9JBOsi1wFWVwFpza:J0uvgX2LP7dP+LrScXjff9JBOKWVwFpm
Score

6^/10

bootkit persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence