7c6e465c4a1962bba8e763a22bf7f802f78d1b9464f4ab00012495ed5120fb47 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

18ed86213679580f70af91db159e6a62
Size

543KB
Sample

231230-py6qqabcen
MD5

18ed86213679580f70af91db159e6a62
SHA1

05fb7ac4f2926873c40d130d61edabdc9d0fe370
SHA256

7c6e465c4a1962bba8e763a22bf7f802f78d1b9464f4ab00012495ed5120fb47
SHA512

ead487d61af12f4dc6d822e14ccf6f0466506f8329dceae58d6ba20a779ea7469cd52d1c72896c19b26d17d55c84a861e566a2c255eba43802c6ce2b32f1862c
SSDEEP

6144:XGNV6B0bfMC5/P5k0OZK1xItgDHHeV1dj29e6YlFFiJOcETDLsuqoyMkIBwQWj:XGNG0jMC5/21Zr8+FF1rsuWMRWj

Score

7^/10

bootkit persistence upx

Malware Config

Targets

- Target
  
  18ed86213679580f70af91db159e6a62
- Size
  
  543KB
- MD5
  
  18ed86213679580f70af91db159e6a62
- SHA1
  
  05fb7ac4f2926873c40d130d61edabdc9d0fe370
- SHA256
  
  7c6e465c4a1962bba8e763a22bf7f802f78d1b9464f4ab00012495ed5120fb47
- SHA512
  
  ead487d61af12f4dc6d822e14ccf6f0466506f8329dceae58d6ba20a779ea7469cd52d1c72896c19b26d17d55c84a861e566a2c255eba43802c6ce2b32f1862c
- SSDEEP
  
  6144:XGNV6B0bfMC5/P5k0OZK1xItgDHHeV1dj29e6YlFFiJOcETDLsuqoyMkIBwQWj:XGNG0jMC5/21Zr8+FF1rsuWMRWj
Score

7^/10

bootkit persistence upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistenceupx

behavioral2

bootkitpersistenceupx