bcf1ebe82faf5b2eb18fa2d2c746111e95f44e4c92ed3287dbc9dfb1313bbef2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c26ecdfd3ee5aef6c7e4af37de91c896
Size

264KB
Sample

240312-ew83ysab67
MD5

c26ecdfd3ee5aef6c7e4af37de91c896
SHA1

9f5d275ea4681ad091cd5355965f4ef619ad92e7
SHA256

bcf1ebe82faf5b2eb18fa2d2c746111e95f44e4c92ed3287dbc9dfb1313bbef2
SHA512

5517129ff1ae981cdcb283a4f2bc680cc68f75228a3b1950ae927a44b43a70d4cec6466a9b4e80600bec8657c55578bf000bef41d685070677b15fb5f482c25b
SSDEEP

3072:59c0GV/ACeZbfDaLH5pl/6G8eK52/IE5mukQfel2DpdNoYNhk8tyCrXt:tGVYvpDab5pl/58elD5mukQbHNo8rXt

Score

7^/10

bootkit persistence

Malware Config

Targets

- Target
  
  c26ecdfd3ee5aef6c7e4af37de91c896
- Size
  
  264KB
- MD5
  
  c26ecdfd3ee5aef6c7e4af37de91c896
- SHA1
  
  9f5d275ea4681ad091cd5355965f4ef619ad92e7
- SHA256
  
  bcf1ebe82faf5b2eb18fa2d2c746111e95f44e4c92ed3287dbc9dfb1313bbef2
- SHA512
  
  5517129ff1ae981cdcb283a4f2bc680cc68f75228a3b1950ae927a44b43a70d4cec6466a9b4e80600bec8657c55578bf000bef41d685070677b15fb5f482c25b
- SSDEEP
  
  3072:59c0GV/ACeZbfDaLH5pl/6G8eK52/IE5mukQfel2DpdNoYNhk8tyCrXt:tGVYvpDab5pl/58elD5mukQbHNo8rXt
Score

7^/10

bootkit persistence
- Executes dropped EXE
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence