17f84c4a31916b7acb3b907ed0604888860bfc441533e4df01457502f7a0aa9f | Triage

Sharing

General

Target

c230595f0d8741d2346148efc8fc566a
Size

27KB
Sample

240312-ckw8xafb32
MD5

c230595f0d8741d2346148efc8fc566a
SHA1

c37edeed7ba2c1cead2567b801db58edd1f8da35
SHA256

17f84c4a31916b7acb3b907ed0604888860bfc441533e4df01457502f7a0aa9f
SHA512

f4052cf8871bb9321e6ad9cbc59f62a61ea98e4b6b96bd1f317b07f3f8db364f41d7ebc7dbb743ef9a054313339e99a02c1f2a2d2c365b2786446f409e6c6911
SSDEEP

384:Z2NbRI4jx3Xx1kbhNwz+qMQINez9VNwnRftFdUnRYc4FHf0WRdcVCIq9040:E1RI45h1ChWzh38ZCnkFMW3Nx0

Score

10^/10

bootkit evasion persistence

Malware Config

Targets

- Target
  
  c230595f0d8741d2346148efc8fc566a
- Size
  
  27KB
- MD5
  
  c230595f0d8741d2346148efc8fc566a
- SHA1
  
  c37edeed7ba2c1cead2567b801db58edd1f8da35
- SHA256
  
  17f84c4a31916b7acb3b907ed0604888860bfc441533e4df01457502f7a0aa9f
- SHA512
  
  f4052cf8871bb9321e6ad9cbc59f62a61ea98e4b6b96bd1f317b07f3f8db364f41d7ebc7dbb743ef9a054313339e99a02c1f2a2d2c365b2786446f409e6c6911
- SSDEEP
  
  384:Z2NbRI4jx3Xx1kbhNwz+qMQINez9VNwnRftFdUnRYc4FHf0WRdcVCIq9040:E1RI45h1ChWzh38ZCnkFMW3Nx0
Score

10^/10

bootkit evasion persistence
- Modifies visibility of file extensions in Explorer
  evasion
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

bootkitevasionpersistence