381781fb02d694d488c27e998855ac4aa2f6569ac8ef053accd69e9b86313683 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

06acfe6fbe9b9913b33da423f3c8bc6a
Size

26KB
Sample

231229-29kc3sgad9
MD5

06acfe6fbe9b9913b33da423f3c8bc6a
SHA1

f92444967590968acee39e53ab0e829e9b7a5a90
SHA256

381781fb02d694d488c27e998855ac4aa2f6569ac8ef053accd69e9b86313683
SHA512

eb1576817e359eaf8e7112ec9324c39eaf850c252a197a7bb39b22d1e723e6e51bf6867b4e78d4dd815c9f66c1da013164c58e5bd3afb1ab88f10a003e51a7b3
SSDEEP

384:P1aRJA0ktg0/ZWw14KyXV3k8ukVSYJXKgr/r9zkH1INn0sOHK/krhBk:PP0oDm5/PIYtDrrZkVItFOLb

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  06acfe6fbe9b9913b33da423f3c8bc6a
- Size
  
  26KB
- MD5
  
  06acfe6fbe9b9913b33da423f3c8bc6a
- SHA1
  
  f92444967590968acee39e53ab0e829e9b7a5a90
- SHA256
  
  381781fb02d694d488c27e998855ac4aa2f6569ac8ef053accd69e9b86313683
- SHA512
  
  eb1576817e359eaf8e7112ec9324c39eaf850c252a197a7bb39b22d1e723e6e51bf6867b4e78d4dd815c9f66c1da013164c58e5bd3afb1ab88f10a003e51a7b3
- SSDEEP
  
  384:P1aRJA0ktg0/ZWw14KyXV3k8ukVSYJXKgr/r9zkH1INn0sOHK/krhBk:PP0oDm5/PIYtDrrZkVItFOLb
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence