4580ed75e12dab2ffb87d5d4631d4c9f9b01ea4d4a1a31657f970df5fe4e49ba | Triage

Sharing

General

Target

fd6c293c6d2491b33cc7b8d567a74f40
Size

502KB
Sample

231228-2lta3sfegl
MD5

fd6c293c6d2491b33cc7b8d567a74f40
SHA1

ae4fbfda9330455dbd2a050024c471ed52c0a646
SHA256

4580ed75e12dab2ffb87d5d4631d4c9f9b01ea4d4a1a31657f970df5fe4e49ba
SHA512

286942290f13f932614a53c16b7e5dd6a21d6d09b387ae558e2c493442e7a7f93936ebb03da3e0777f56f0309cadb9dac415f0dc534986e9b2918f75749d5d49
SSDEEP

12288:ndrajxZ5awl7DW/HgoWHBXhZLqh0nUHtiK7:na7DWIXGhCUHl7

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  fd6c293c6d2491b33cc7b8d567a74f40
- Size
  
  502KB
- MD5
  
  fd6c293c6d2491b33cc7b8d567a74f40
- SHA1
  
  ae4fbfda9330455dbd2a050024c471ed52c0a646
- SHA256
  
  4580ed75e12dab2ffb87d5d4631d4c9f9b01ea4d4a1a31657f970df5fe4e49ba
- SHA512
  
  286942290f13f932614a53c16b7e5dd6a21d6d09b387ae558e2c493442e7a7f93936ebb03da3e0777f56f0309cadb9dac415f0dc534986e9b2918f75749d5d49
- SSDEEP
  
  12288:ndrajxZ5awl7DW/HgoWHBXhZLqh0nUHtiK7:na7DWIXGhCUHl7
Score

6^/10

bootkit persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence