cd268529983dfaeb90e0869f9fda79329e257b47a99d25ef4c5997da7263d615 | Triage

Sharing

General

Target

cd268529983dfaeb90e0869f9fda79329e257b47a99d25ef4c5997da7263d615
Size

13.5MB
Sample

240524-d5jnzsbf42
MD5

8b51dc6776d7107152bf6b98ecc44195
SHA1

8a127f154df6aea1d80224c04be37ee5ae4c51af
SHA256

cd268529983dfaeb90e0869f9fda79329e257b47a99d25ef4c5997da7263d615
SHA512

0b26d4e0bbac268d295a65d22beb903c7e14eb576314864a27d855259d64649222e43bc6e4ab5271dc30d766e5a4c20f23f59d60362de78b9f277947a070aed2
SSDEEP

393216:NayqiLvxaN0jU21Ya74sj2Anv+geYYzpKez3BL7+1:bq9AU26aEsj2Axh2pKQ

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  cd268529983dfaeb90e0869f9fda79329e257b47a99d25ef4c5997da7263d615
- Size
  
  13.5MB
- MD5
  
  8b51dc6776d7107152bf6b98ecc44195
- SHA1
  
  8a127f154df6aea1d80224c04be37ee5ae4c51af
- SHA256
  
  cd268529983dfaeb90e0869f9fda79329e257b47a99d25ef4c5997da7263d615
- SHA512
  
  0b26d4e0bbac268d295a65d22beb903c7e14eb576314864a27d855259d64649222e43bc6e4ab5271dc30d766e5a4c20f23f59d60362de78b9f277947a070aed2
- SSDEEP
  
  393216:NayqiLvxaN0jU21Ya74sj2Anv+geYYzpKez3BL7+1:bq9AU26aEsj2Axh2pKQ
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence