209bc96f33b8f80ff7844313d398fd8c338e9ce6d02b550b127c6cd9b278a32e | Triage

Sharing

General

Target

45785a86adfe6e7d4769cf6a27ac856b
Size

237KB
Sample

240106-gqtgeshhgr
MD5

45785a86adfe6e7d4769cf6a27ac856b
SHA1

0b71b3a581455123f42395e0134ba9d533e5d51c
SHA256

209bc96f33b8f80ff7844313d398fd8c338e9ce6d02b550b127c6cd9b278a32e
SHA512

071a2aeed48ba140452340a8ba9e9eaf883be27c1cff70ec38f5211588b6afa40bd9ec6057d0591e43507089b2d111387a1139695d118b5c46246105d58330c8
SSDEEP

6144:a03XFuM4nLSgTh2IcymPCHWIlm1Fa1asHPncBxFei9k3eQFRJKHC:ac1udnLSg03ymK2Ilm1F4a4kZNOOwRYC

Score

7^/10

bootkit persistence upx

Malware Config

Targets

- Target
  
  45785a86adfe6e7d4769cf6a27ac856b
- Size
  
  237KB
- MD5
  
  45785a86adfe6e7d4769cf6a27ac856b
- SHA1
  
  0b71b3a581455123f42395e0134ba9d533e5d51c
- SHA256
  
  209bc96f33b8f80ff7844313d398fd8c338e9ce6d02b550b127c6cd9b278a32e
- SHA512
  
  071a2aeed48ba140452340a8ba9e9eaf883be27c1cff70ec38f5211588b6afa40bd9ec6057d0591e43507089b2d111387a1139695d118b5c46246105d58330c8
- SSDEEP
  
  6144:a03XFuM4nLSgTh2IcymPCHWIlm1Fa1asHPncBxFei9k3eQFRJKHC:ac1udnLSg03ymK2Ilm1F4a4kZNOOwRYC
Score

7^/10

bootkit persistence upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Pre-OS Boot

Bootkit

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

bootkitpersistenceupx