9b38b0e842ecc45576a47318429cb7daa6d6c6da2a1600931773c3a4d3f317a7 | Triage

Sharing

General

Target

SecureBootUEFI.dat
Size

224KB
Sample

240314-hcshmsfb33
MD5

18fdde4bf8d3a369514b0bc8ddcf35dc
SHA1

c76be590674f9d51e8f70e93fac2f61bbd64d299
SHA256

9b38b0e842ecc45576a47318429cb7daa6d6c6da2a1600931773c3a4d3f317a7
SHA512

cd60c94c907325e7b3e288187192f4d3ce3389ff8cbe7a861d96cc2d653287eaa2750b977f92d5e50bf64268d95c6f57f0f4323125aa55f78ddba9dde9ca7a30
SSDEEP

6144:Yaf2kEDNa5rcf3KATHjhPZnC5HpF7GcH:YjDNa5rw6ATZyHp

Score

8^/10

Malware Config

Targets

- Target
  
  SecureBootUEFI.dat
- Size
  
  224KB
- MD5
  
  18fdde4bf8d3a369514b0bc8ddcf35dc
- SHA1
  
  c76be590674f9d51e8f70e93fac2f61bbd64d299
- SHA256
  
  9b38b0e842ecc45576a47318429cb7daa6d6c6da2a1600931773c3a4d3f317a7
- SHA512
  
  cd60c94c907325e7b3e288187192f4d3ce3389ff8cbe7a861d96cc2d653287eaa2750b977f92d5e50bf64268d95c6f57f0f4323125aa55f78ddba9dde9ca7a30
- SSDEEP
  
  6144:Yaf2kEDNa5rcf3KATHjhPZnC5HpF7GcH:YjDNa5rw6ATZyHp
Score

8^/10
- Blocklisted process makes network request
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2