d125ed7d8e500116c5c1471abc507aff2a652018e6f24a1233cee97b82d88a84 | Triage

Sharing

General

Target

c1ca86f633053d4029a3e6b5f3e58ab1
Size

346KB
Sample

240311-2m9pfsge7z
MD5

c1ca86f633053d4029a3e6b5f3e58ab1
SHA1

5e713821d00dc73ebc3e5b116e8d1f29041c81be
SHA256

d125ed7d8e500116c5c1471abc507aff2a652018e6f24a1233cee97b82d88a84
SHA512

c2ee1766b049e197d05b2a15eb386b48d052b593eac1a5305a002970f6c26b958d15566f3323d296a188e06abce29cb0166a9f026eddbfbb63fd9ef25c1970ff
SSDEEP

6144:2JNGTJvpNJ16Jl6RtBbqysN6/OKGDRO6RFzhYmJ3q1wSulJq8M3x:rTp516jitPsNW6RFzqmJEn8M3x

Score

7^/10

aspackv2 bootkit persistence

Malware Config

Targets

- Target
  
  c1ca86f633053d4029a3e6b5f3e58ab1
- Size
  
  346KB
- MD5
  
  c1ca86f633053d4029a3e6b5f3e58ab1
- SHA1
  
  5e713821d00dc73ebc3e5b116e8d1f29041c81be
- SHA256
  
  d125ed7d8e500116c5c1471abc507aff2a652018e6f24a1233cee97b82d88a84
- SHA512
  
  c2ee1766b049e197d05b2a15eb386b48d052b593eac1a5305a002970f6c26b958d15566f3323d296a188e06abce29cb0166a9f026eddbfbb63fd9ef25c1970ff
- SSDEEP
  
  6144:2JNGTJvpNJ16Jl6RtBbqysN6/OKGDRO6RFzhYmJ3q1wSulJq8M3x:rTp516jitPsNW6RFzqmJEn8M3x
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2