7c17fabdc3712a4ba84d7c6d98ea8ef23ec3eb5a309e994daf4ce31f1e718432 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7c17fabdc3712a4ba84d7c6d98ea8ef23ec3eb5a309e994daf4ce31f1e718432
Size

4.8MB
Sample

240113-2g62dafbhp
MD5

b6e67cf2ed9a4b8ed7da921af4f0da07
SHA1

4195f972086db5de5d96f91823f581bfa7228b5e
SHA256

7c17fabdc3712a4ba84d7c6d98ea8ef23ec3eb5a309e994daf4ce31f1e718432
SHA512

847f5c61a56fa71c90b3089ca62f1dea5cc1c2e8879bf5ba3060a25ee4321559f9a6d044e40781f9298c79b5bc4525159bcdfa3f1940269de32d181538ca8274
SSDEEP

98304:WeLpmrmc2lAu28lkcf5YjovKqGYiOE8oLj5dIClU3OOQO+Y7:FcmZl85gyjovK65E8oEClU3oO17

Score

7^/10

bootkit persistence

Malware Config

Targets

- Target
  
  7c17fabdc3712a4ba84d7c6d98ea8ef23ec3eb5a309e994daf4ce31f1e718432
- Size
  
  4.8MB
- MD5
  
  b6e67cf2ed9a4b8ed7da921af4f0da07
- SHA1
  
  4195f972086db5de5d96f91823f581bfa7228b5e
- SHA256
  
  7c17fabdc3712a4ba84d7c6d98ea8ef23ec3eb5a309e994daf4ce31f1e718432
- SHA512
  
  847f5c61a56fa71c90b3089ca62f1dea5cc1c2e8879bf5ba3060a25ee4321559f9a6d044e40781f9298c79b5bc4525159bcdfa3f1940269de32d181538ca8274
- SSDEEP
  
  98304:WeLpmrmc2lAu28lkcf5YjovKqGYiOE8oLj5dIClU3OOQO+Y7:FcmZl85gyjovK65E8oEClU3oO17
Score

7^/10

bootkit persistence
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence