0acde791416ef240fc145106f6ff6f2840a0d7b99a30102d95dc663c835f5c0a | Triage

Sharing

General

Target

0c2c7664a605d6f9a5718b4b8f4f5178
Size

458KB
Sample

231230-dbzhcafccp
MD5

0c2c7664a605d6f9a5718b4b8f4f5178
SHA1

3ed9b5119fe3ca8458fcdef3e346a0ab0f796481
SHA256

0acde791416ef240fc145106f6ff6f2840a0d7b99a30102d95dc663c835f5c0a
SHA512

4df3ebcbc7fa7c14a3b8d9792986d4516d26d3b95470a6382509fb83d516473eaafd4d686c3937abbd7bb88a170ef490048ebf4ed6825617c974c7dc81a74c09
SSDEEP

12288:m5FYuRsEPTjn0nLxgeQOeuEgNtTirdmPq:mQ+sErj0nLGuzTEdmy

Score

7^/10

bootkit persistence

Malware Config

Targets

- Target
  
  0c2c7664a605d6f9a5718b4b8f4f5178
- Size
  
  458KB
- MD5
  
  0c2c7664a605d6f9a5718b4b8f4f5178
- SHA1
  
  3ed9b5119fe3ca8458fcdef3e346a0ab0f796481
- SHA256
  
  0acde791416ef240fc145106f6ff6f2840a0d7b99a30102d95dc663c835f5c0a
- SHA512
  
  4df3ebcbc7fa7c14a3b8d9792986d4516d26d3b95470a6382509fb83d516473eaafd4d686c3937abbd7bb88a170ef490048ebf4ed6825617c974c7dc81a74c09
- SSDEEP
  
  12288:m5FYuRsEPTjn0nLxgeQOeuEgNtTirdmPq:mQ+sErj0nLGuzTEdmy
Score

7^/10

bootkit persistence
- Deletes itself
- Executes dropped EXE
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2