28543f7c5e3063880b3d9fb88f5cc6914aa04ca7c3265d9b3cc7fe99bf6422b0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1882e336c6038f1f881d453979740c1f
Size

723KB
Sample

231230-pm6xcaaha9
MD5

1882e336c6038f1f881d453979740c1f
SHA1

06a1d6e268d4c74a862c459e863e64c26da29d3c
SHA256

28543f7c5e3063880b3d9fb88f5cc6914aa04ca7c3265d9b3cc7fe99bf6422b0
SHA512

c26280e6d62be9608d0a3d4ec5ff78dd00fb976c83f43ede35a8b8701a4eeeae57024d19c39f26800682e7a2eef4df55f612ae3dd807777d4dfeb4ca1a833fdf
SSDEEP

12288:Ht9v5UZIvX41qVb0xxOSDjld1ABRXjIjbEeG03ExO:Ht9O4wm0xxOOrmRRWExO

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  1882e336c6038f1f881d453979740c1f
- Size
  
  723KB
- MD5
  
  1882e336c6038f1f881d453979740c1f
- SHA1
  
  06a1d6e268d4c74a862c459e863e64c26da29d3c
- SHA256
  
  28543f7c5e3063880b3d9fb88f5cc6914aa04ca7c3265d9b3cc7fe99bf6422b0
- SHA512
  
  c26280e6d62be9608d0a3d4ec5ff78dd00fb976c83f43ede35a8b8701a4eeeae57024d19c39f26800682e7a2eef4df55f612ae3dd807777d4dfeb4ca1a833fdf
- SSDEEP
  
  12288:Ht9v5UZIvX41qVb0xxOSDjld1ABRXjIjbEeG03ExO:Ht9O4wm0xxOOrmRRWExO
Score

6^/10

bootkit persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence