863508a1bf61baaec543b2c797dadd9e8cad5f3ab6a88bfbf16e3d1a5dc31371 | Triage

Sharing

General

Target

278281650629a0d4989dd889017bec33
Size

96KB
Sample

231231-ep4jwsfhek
MD5

278281650629a0d4989dd889017bec33
SHA1

eafa0b49289881294cb01f7cd6f5d516513baf9e
SHA256

863508a1bf61baaec543b2c797dadd9e8cad5f3ab6a88bfbf16e3d1a5dc31371
SHA512

bf91aef41f54e9d8a3bac4897fe4e50aedd44f15a11f2cc12a6a301b6dfdf7538d25911e6f6292e86078ca666caec71a43f2b9f71cbdcc4787e6c520fe9cfafb
SSDEEP

1536:JWZYJMempRzD2q6JA1vMM5Js7B4kW/5Dv/rlK1V1flUmvgw89jVP:mpN9aQMqvz4Rf4w8X

Score

7^/10

bootkit persistence

Malware Config

Targets

- Target
  
  278281650629a0d4989dd889017bec33
- Size
  
  96KB
- MD5
  
  278281650629a0d4989dd889017bec33
- SHA1
  
  eafa0b49289881294cb01f7cd6f5d516513baf9e
- SHA256
  
  863508a1bf61baaec543b2c797dadd9e8cad5f3ab6a88bfbf16e3d1a5dc31371
- SHA512
  
  bf91aef41f54e9d8a3bac4897fe4e50aedd44f15a11f2cc12a6a301b6dfdf7538d25911e6f6292e86078ca666caec71a43f2b9f71cbdcc4787e6c520fe9cfafb
- SSDEEP
  
  1536:JWZYJMempRzD2q6JA1vMM5Js7B4kW/5Dv/rlK1V1flUmvgw89jVP:mpN9aQMqvz4Rf4w8X
Score

7^/10

bootkit persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Remote System Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence