a522c64898d3124168b04c2c20c8b5390e6f5c24a6d122bdd1cad302cf0266a7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a522c64898d3124168b04c2c20c8b5390e6f5c24a6d122bdd1cad302cf0266a7
Size

4.8MB
Sample

240127-yc13saafg5
MD5

3aa1de974dd0317a4846b89daa8be0c6
SHA1

c12716bb695590d5b9af86dd7a47b16241349e58
SHA256

a522c64898d3124168b04c2c20c8b5390e6f5c24a6d122bdd1cad302cf0266a7
SHA512

f52dab401c525110648ecc0aff992317a8b46958e8aad38916334b9fedb8cd7ee247f866d76336f04a96c470191187b3c0609ff31fdbc300ecb17b7838bb2251
SSDEEP

98304:seLpmrmc2lAu28lkcf5YjovKqGYiOE8oLj5YINfSyo8aXN:TcmZl85gyjovK65E8ob5Sx8aXN

Score

7^/10

bootkit persistence

Malware Config

Targets

- Target
  
  a522c64898d3124168b04c2c20c8b5390e6f5c24a6d122bdd1cad302cf0266a7
- Size
  
  4.8MB
- MD5
  
  3aa1de974dd0317a4846b89daa8be0c6
- SHA1
  
  c12716bb695590d5b9af86dd7a47b16241349e58
- SHA256
  
  a522c64898d3124168b04c2c20c8b5390e6f5c24a6d122bdd1cad302cf0266a7
- SHA512
  
  f52dab401c525110648ecc0aff992317a8b46958e8aad38916334b9fedb8cd7ee247f866d76336f04a96c470191187b3c0609ff31fdbc300ecb17b7838bb2251
- SSDEEP
  
  98304:seLpmrmc2lAu28lkcf5YjovKqGYiOE8oLj5YINfSyo8aXN:TcmZl85gyjovK65E8ob5Sx8aXN
Score

7^/10

bootkit persistence
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence