3b213d65ab369c900364ac393a19f46fd9e917b023f87e66c30dcbc37c9bbc2f | Triage

Sharing

General

Target

3b213d65ab369c900364ac393a19f46fd9e917b023f87e66c30dcbc37c9bbc2f
Size

3.0MB
Sample

240229-jh3q8sae4v
MD5

d97e31d21c1f2767f179384651ee5249
SHA1

1dbd4eb8f9f36acc3533fe50aa01a3f2145bf3b8
SHA256

3b213d65ab369c900364ac393a19f46fd9e917b023f87e66c30dcbc37c9bbc2f
SHA512

82725e30ea05796fa6341448baa7a559b63473411565c93bc4251d112832733ddf8c6de4f514952e7539384522ba4dec1481c1411aa71ee5a5fe65ff7fb39727
SSDEEP

24576:jOUA9/DTjcfykoqRPgprTtkcYCu1Dl33wb1ajC4Ky3xyuTfZHFrAK:jORTj8oCaTCcYCuDHwb0X3nD33

Score

7^/10

bootkit persistence

Malware Config

Targets

- Target
  
  3b213d65ab369c900364ac393a19f46fd9e917b023f87e66c30dcbc37c9bbc2f
- Size
  
  3.0MB
- MD5
  
  d97e31d21c1f2767f179384651ee5249
- SHA1
  
  1dbd4eb8f9f36acc3533fe50aa01a3f2145bf3b8
- SHA256
  
  3b213d65ab369c900364ac393a19f46fd9e917b023f87e66c30dcbc37c9bbc2f
- SHA512
  
  82725e30ea05796fa6341448baa7a559b63473411565c93bc4251d112832733ddf8c6de4f514952e7539384522ba4dec1481c1411aa71ee5a5fe65ff7fb39727
- SSDEEP
  
  24576:jOUA9/DTjcfykoqRPgprTtkcYCu1Dl33wb1ajC4Ky3xyuTfZHFrAK:jORTj8oCaTCcYCuDHwb0X3nD33
Score

7^/10

bootkit persistence
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence