a7eede27fa6e012b1d0b670ce2b2c59d743339c02d7b9747511f72fcfb0a1b30 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1e0fdfa4f603c5a9950bad53e2bc6f0f
Size

20KB
Sample

231230-131k2saacq
MD5

1e0fdfa4f603c5a9950bad53e2bc6f0f
SHA1

fd1788e34d98c6dd9797ceb86fad6935356ca75a
SHA256

a7eede27fa6e012b1d0b670ce2b2c59d743339c02d7b9747511f72fcfb0a1b30
SHA512

01e5d8f8acff929646f7d7b9fa45b07b351bd96b3481790f7c0f410b9f9de578bead7f85cff527959c892bac63af6f0f977f9ba333386686f1dd3bcd1c9bbeb3
SSDEEP

384:17EpFXYzDC9gW6zhYnGmMXjfOv1TUUVgaurMAUAyxUBv8jE+I:qHwDC36zhEMjfOv1TU8gaiNyxUBUj+

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  1e0fdfa4f603c5a9950bad53e2bc6f0f
- Size
  
  20KB
- MD5
  
  1e0fdfa4f603c5a9950bad53e2bc6f0f
- SHA1
  
  fd1788e34d98c6dd9797ceb86fad6935356ca75a
- SHA256
  
  a7eede27fa6e012b1d0b670ce2b2c59d743339c02d7b9747511f72fcfb0a1b30
- SHA512
  
  01e5d8f8acff929646f7d7b9fa45b07b351bd96b3481790f7c0f410b9f9de578bead7f85cff527959c892bac63af6f0f977f9ba333386686f1dd3bcd1c9bbeb3
- SSDEEP
  
  384:17EpFXYzDC9gW6zhYnGmMXjfOv1TUUVgaurMAUAyxUBv8jE+I:qHwDC36zhEMjfOv1TU8gaiNyxUBUj+
Score

6^/10

bootkit persistence
- Program crash
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence