175e9d378894af2b863a9f23c498a70a43f5d67d59362b59a26c86f4187d6397 | Triage

Sharing

General

Target

175e9d378894af2b863a9f23c498a70a43f5d67d59362b59a26c86f4187d6397
Size

3.8MB
Sample

240103-rtht7seehj
MD5

e786188a4f43098a58d9614aecc86743
SHA1

2c3858b2f8d72634f42929f2e56a362d1d02aa44
SHA256

175e9d378894af2b863a9f23c498a70a43f5d67d59362b59a26c86f4187d6397
SHA512

61c3813f259a9baa3c8db6b34680682c4c088666071b24a018a8601895250c8aea22848359c6e337e7d40588d3083ee98dd4f98286f49df2d5cfb30f9c854c96
SSDEEP

98304:6AejIUQM1NIhJ2wJyPGhMAUu6Ve0xxiZU8:Drw8r8AXl0xMZ

Score

7^/10

bootkit persistence

Malware Config

Targets

- Target
  
  175e9d378894af2b863a9f23c498a70a43f5d67d59362b59a26c86f4187d6397
- Size
  
  3.8MB
- MD5
  
  e786188a4f43098a58d9614aecc86743
- SHA1
  
  2c3858b2f8d72634f42929f2e56a362d1d02aa44
- SHA256
  
  175e9d378894af2b863a9f23c498a70a43f5d67d59362b59a26c86f4187d6397
- SHA512
  
  61c3813f259a9baa3c8db6b34680682c4c088666071b24a018a8601895250c8aea22848359c6e337e7d40588d3083ee98dd4f98286f49df2d5cfb30f9c854c96
- SSDEEP
  
  98304:6AejIUQM1NIhJ2wJyPGhMAUu6Ve0xxiZU8:Drw8r8AXl0xMZ
Score

7^/10

bootkit persistence
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Pre-OS Boot

Bootkit

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence