123b2825882b30a3118e63934c16ffb65a927906d6f3f6bbf3e61af824b37172 | Triage

Sharing

General

Target

01a823460418a1d5a0cd5997fe965efc
Size

20KB
Sample

231229-x5frwaafel
MD5

01a823460418a1d5a0cd5997fe965efc
SHA1

5da6a505868fb3c389f24add492ca2a8c51f0996
SHA256

123b2825882b30a3118e63934c16ffb65a927906d6f3f6bbf3e61af824b37172
SHA512

d7b28364eb2ac003f05936215f795a5dc6ecbcc2d95fe6848380adca5bdf0dea06dd5cf5efe3c91bd461ce28ad44dc5a9b5b2d33e65cc60d1e5e484a0a0f9551
SSDEEP

384:xzHmhwJr+qaSXvDXPxa9TwK2usg3D1360rkb8Ex4f8nM:vxJdGTX5Ex4fZ

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  01a823460418a1d5a0cd5997fe965efc
- Size
  
  20KB
- MD5
  
  01a823460418a1d5a0cd5997fe965efc
- SHA1
  
  5da6a505868fb3c389f24add492ca2a8c51f0996
- SHA256
  
  123b2825882b30a3118e63934c16ffb65a927906d6f3f6bbf3e61af824b37172
- SHA512
  
  d7b28364eb2ac003f05936215f795a5dc6ecbcc2d95fe6848380adca5bdf0dea06dd5cf5efe3c91bd461ce28ad44dc5a9b5b2d33e65cc60d1e5e484a0a0f9551
- SSDEEP
  
  384:xzHmhwJr+qaSXvDXPxa9TwK2usg3D1360rkb8Ex4f8nM:vxJdGTX5Ex4fZ
Score

6^/10

bootkit persistence
- Program crash
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence