54612d254ac274dc79c3edf66d2a1c09207fbcb5709c48b2cf7841559539f2bf | Triage

Sharing

General

Target

b93d9fe6206f8ca5334018fe6d0e2b7c
Size

577KB
Sample

240307-vvkxqshe4s
MD5

b93d9fe6206f8ca5334018fe6d0e2b7c
SHA1

5430760ef7bac294e7a72d80450d035183685ddb
SHA256

54612d254ac274dc79c3edf66d2a1c09207fbcb5709c48b2cf7841559539f2bf
SHA512

5a25f45638831c2687f80cb7586e941fa225dbc24face127686c3ef697d03a5f2c398e41c9821b1693e0e9645799c05c2b162d6fe08ac2043ab813d1f1566ecb
SSDEEP

12288:d0txg4xVB5qisrZEYGFcrPLIHsKSFi3EDER7iMKt1oPv:d8Bxpq9zGIz6SFEEDIWXje

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  b93d9fe6206f8ca5334018fe6d0e2b7c
- Size
  
  577KB
- MD5
  
  b93d9fe6206f8ca5334018fe6d0e2b7c
- SHA1
  
  5430760ef7bac294e7a72d80450d035183685ddb
- SHA256
  
  54612d254ac274dc79c3edf66d2a1c09207fbcb5709c48b2cf7841559539f2bf
- SHA512
  
  5a25f45638831c2687f80cb7586e941fa225dbc24face127686c3ef697d03a5f2c398e41c9821b1693e0e9645799c05c2b162d6fe08ac2043ab813d1f1566ecb
- SSDEEP
  
  12288:d0txg4xVB5qisrZEYGFcrPLIHsKSFi3EDER7iMKt1oPv:d8Bxpq9zGIz6SFEEDIWXje
Score

6^/10

bootkit persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2