b8e026f99db18b87d61bd538346a27cdaab9c4f719f094d3e25189fe1f70cac7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7ad6cf9bba8fc2bb94e97ee2ecdac4a4
Size

11KB
Sample

240127-v1devaaeck
MD5

7ad6cf9bba8fc2bb94e97ee2ecdac4a4
SHA1

b91d01e76bab01d14e68d5af1d71e76a6b321c32
SHA256

b8e026f99db18b87d61bd538346a27cdaab9c4f719f094d3e25189fe1f70cac7
SHA512

b23e21d2e1b51396a1f2b8bbf5c946237204c05c5ac741984c545b2c74c486669e97955bfa02437fc729f05b4437d3b2bcfc34ab50302433d566b37f9d17dff3
SSDEEP

192:2RphXNj+EKxDT6bZPHFfSyoIK/MPbNvW9pcEQ:2R7kB1uZtKHIK/MPbNvWvcEQ

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  7ad6cf9bba8fc2bb94e97ee2ecdac4a4
- Size
  
  11KB
- MD5
  
  7ad6cf9bba8fc2bb94e97ee2ecdac4a4
- SHA1
  
  b91d01e76bab01d14e68d5af1d71e76a6b321c32
- SHA256
  
  b8e026f99db18b87d61bd538346a27cdaab9c4f719f094d3e25189fe1f70cac7
- SHA512
  
  b23e21d2e1b51396a1f2b8bbf5c946237204c05c5ac741984c545b2c74c486669e97955bfa02437fc729f05b4437d3b2bcfc34ab50302433d566b37f9d17dff3
- SSDEEP
  
  192:2RphXNj+EKxDT6bZPHFfSyoIK/MPbNvW9pcEQ:2R7kB1uZtKHIK/MPbNvWvcEQ
Score

6^/10

bootkit persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

bootkitpersistence