ca12d6e0fe4a8f9b3b49cee8b00bf7f72ba5e70c7bbb029f8eeb466715f08b44 | Triage

Sharing

General

Target

ca12d6e0fe4a8f9b3b49cee8b00bf7f72ba5e70c7bbb029f8eeb466715f08b44
Size

5.3MB
Sample

240223-3m2vaabh34
MD5

b246811347e413162fcf0bd918dda922
SHA1

d2f2ad608104cde385b6f91ee44882a6aaf66225
SHA256

ca12d6e0fe4a8f9b3b49cee8b00bf7f72ba5e70c7bbb029f8eeb466715f08b44
SHA512

760915654ed4e20152e71a77195d1a4d564f775d0635916b6f53bb844729203895b350b512c4955b6ec900f112b1ac0e73441955c024496061b661d9984d30ac
SSDEEP

98304:ukKyerff4aiY60lKLep2lxGLRY1hGM5PTLnMmnISRDf/1gOwG:u/rffhi3ip2LGRBgPTwmnIKT1P

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  ca12d6e0fe4a8f9b3b49cee8b00bf7f72ba5e70c7bbb029f8eeb466715f08b44
- Size
  
  5.3MB
- MD5
  
  b246811347e413162fcf0bd918dda922
- SHA1
  
  d2f2ad608104cde385b6f91ee44882a6aaf66225
- SHA256
  
  ca12d6e0fe4a8f9b3b49cee8b00bf7f72ba5e70c7bbb029f8eeb466715f08b44
- SHA512
  
  760915654ed4e20152e71a77195d1a4d564f775d0635916b6f53bb844729203895b350b512c4955b6ec900f112b1ac0e73441955c024496061b661d9984d30ac
- SSDEEP
  
  98304:ukKyerff4aiY60lKLep2lxGLRY1hGM5PTLnMmnISRDf/1gOwG:u/rffhi3ip2LGRBgPTwmnIKT1P
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence