8fb5890f75d501936e90d1891cd97c8b23396525842fd741f9b9a441405cd01f | Triage

Resubmissions

29/02/2024, 04:47

240229-fel3jadg28 10

29/02/2024, 04:44

240229-fcynjsde6y 8

29/02/2024, 04:41

240229-fba6vsdf38 8

29/02/2024, 04:32

240229-e592lsdd77 8

29/02/2024, 04:06

240229-en6ymada83 8

29/02/2024, 03:59

240229-ekcwdach93 3

Sharing

Copy URL Twitter E-mail

General

Target

gato.jpeg
Size

54KB
Sample

240229-fba6vsdf38
MD5

cd869039e351b02dde534759ae627caa
SHA1

8c227c8532a3106c82009117500a53fceb8adcda
SHA256

8fb5890f75d501936e90d1891cd97c8b23396525842fd741f9b9a441405cd01f
SHA512

81a5b30497bb3cf7b6257728ef5f04b2e45d1ec23e159035210292b13514a82313e19c68878f50bd10a9382ed5b6a83c6356d2d2c0607a79ec2e8afbc9bc3fc0
SSDEEP

1536:g6taN+v7AZswe0Q4qKjLkvqwWsXcWQeldDrVh5Bh0K4:QEAneazLaMWQWdDJh5vI

Score

8^/10

bootkit persistence

Malware Config

Targets

- Target
  
  gato.jpeg
- Size
  
  54KB
- MD5
  
  cd869039e351b02dde534759ae627caa
- SHA1
  
  8c227c8532a3106c82009117500a53fceb8adcda
- SHA256
  
  8fb5890f75d501936e90d1891cd97c8b23396525842fd741f9b9a441405cd01f
- SHA512
  
  81a5b30497bb3cf7b6257728ef5f04b2e45d1ec23e159035210292b13514a82313e19c68878f50bd10a9382ed5b6a83c6356d2d2c0607a79ec2e8afbc9bc3fc0
- SSDEEP
  
  1536:g6taN+v7AZswe0Q4qKjLkvqwWsXcWQeldDrVh5Bh0K4:QEAneazLaMWQWdDJh5vI
Score

8^/10

bootkit persistence
- Downloads MZ/PE file
- Executes dropped EXE
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence