51e9bc80a2cced420fbb583ef7fd0829c4960ef3f90c27e947c4906aa161f28a | Triage

Sharing

General

Target

738f9e8df9ee0e5cb2283a8482d63169
Size

331KB
Sample

240125-dhvsqsfbgk
MD5

738f9e8df9ee0e5cb2283a8482d63169
SHA1

834b94a3a23eece96081579fe5e61a7b7a35e405
SHA256

51e9bc80a2cced420fbb583ef7fd0829c4960ef3f90c27e947c4906aa161f28a
SHA512

9c5843b289b1a097dc00df58dee69a897425176d76f80a286869c985dcd8c12a69b97d598cc221246bf9aa13a463e9321a7cb50337196c1d8a28636486416776
SSDEEP

6144:nS+QH6yN8wfRe3q+2ZYbO2PY/eQanlrUJGIOTkXXeRy+4bQjhjMuxY:LE6y66e3N272PYXZJGIOo+R73m

Score

7^/10

bootkit persistence upx

Malware Config

Targets

- Target
  
  738f9e8df9ee0e5cb2283a8482d63169
- Size
  
  331KB
- MD5
  
  738f9e8df9ee0e5cb2283a8482d63169
- SHA1
  
  834b94a3a23eece96081579fe5e61a7b7a35e405
- SHA256
  
  51e9bc80a2cced420fbb583ef7fd0829c4960ef3f90c27e947c4906aa161f28a
- SHA512
  
  9c5843b289b1a097dc00df58dee69a897425176d76f80a286869c985dcd8c12a69b97d598cc221246bf9aa13a463e9321a7cb50337196c1d8a28636486416776
- SSDEEP
  
  6144:nS+QH6yN8wfRe3q+2ZYbO2PY/eQanlrUJGIOTkXXeRy+4bQjhjMuxY:LE6y66e3N272PYXZJGIOo+R73m
Score

7^/10

bootkit persistence upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Pre-OS Boot

Bootkit

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistenceupx

behavioral2

bootkitpersistenceupx