5bd06a10bf00150d81282baa4128947434c86ed1c914264f28e771c9bc8288d9 | Triage

Sharing

General

Target

a26361664f5d730258dd0a7af15fbd78
Size

1.0MB
Sample

240224-whg6raah4t
MD5

a26361664f5d730258dd0a7af15fbd78
SHA1

855d84fede54be85524f750e385450b4cc3ae398
SHA256

5bd06a10bf00150d81282baa4128947434c86ed1c914264f28e771c9bc8288d9
SHA512

23b054ac30165400b9a8621182cf1bffa8849d3ba17c414d3e45cb60887fadd0095899566eeae0f6ba2e476ea3e6c1749fdf5111eca6ebfc49e4ed401ba53a68
SSDEEP

24576:Ztz9uXStrPcYwPEdel+7gxoKI01A1nxBmf:Lz9ZVadlkgL1E3mf

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  a26361664f5d730258dd0a7af15fbd78
- Size
  
  1.0MB
- MD5
  
  a26361664f5d730258dd0a7af15fbd78
- SHA1
  
  855d84fede54be85524f750e385450b4cc3ae398
- SHA256
  
  5bd06a10bf00150d81282baa4128947434c86ed1c914264f28e771c9bc8288d9
- SHA512
  
  23b054ac30165400b9a8621182cf1bffa8849d3ba17c414d3e45cb60887fadd0095899566eeae0f6ba2e476ea3e6c1749fdf5111eca6ebfc49e4ed401ba53a68
- SSDEEP
  
  24576:Ztz9uXStrPcYwPEdel+7gxoKI01A1nxBmf:Lz9ZVadlkgL1E3mf
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2