1b3116cec1a604d095a3258cb63e3276b1e4e359cce00210d7f67bc8efb31d84 | Triage

Sharing

General

Target

7e8fe29a1e36bef4c9d931ba9364729c
Size

84KB
Sample

240129-b8xznsfda2
MD5

7e8fe29a1e36bef4c9d931ba9364729c
SHA1

68ac776da49eadfc4e86388fe83999429359486b
SHA256

1b3116cec1a604d095a3258cb63e3276b1e4e359cce00210d7f67bc8efb31d84
SHA512

63391e1a4daf93d358f91216873e0d46d5fb1b4c2c7a4a548cf1bfee9b94a6102c3789e17f72779de461dec3bdc33d99bb221d570c0f9e61fb3aa3e082ea06e0
SSDEEP

1536:6IRzan4ZNxzxRWlqAP3LhlYbqRzcDrenLN5Xwll6bUIKwBeYL2:5Rw4ZNxzDU39WbqJcv8TXBgVwB5L

Score

6^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  7e8fe29a1e36bef4c9d931ba9364729c
- Size
  
  84KB
- MD5
  
  7e8fe29a1e36bef4c9d931ba9364729c
- SHA1
  
  68ac776da49eadfc4e86388fe83999429359486b
- SHA256
  
  1b3116cec1a604d095a3258cb63e3276b1e4e359cce00210d7f67bc8efb31d84
- SHA512
  
  63391e1a4daf93d358f91216873e0d46d5fb1b4c2c7a4a548cf1bfee9b94a6102c3789e17f72779de461dec3bdc33d99bb221d570c0f9e61fb3aa3e082ea06e0
- SSDEEP
  
  1536:6IRzan4ZNxzxRWlqAP3LhlYbqRzcDrenLN5Xwll6bUIKwBeYL2:5Rw4ZNxzDU39WbqJcv8TXBgVwB5L
Score

6^/10

bootkit discovery persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2