713a88bfb22911a3403d35c754fa64d00efae0cbf3ec190f3ac09839f5ca6ffc | Triage

Sharing

General

Target

713a88bfb22911a3403d35c754fa64d00efae0cbf3ec190f3ac09839f5ca6ffc
Size

7.7MB
Sample

240524-n35hsagg7t
MD5

e2b515dbf84c2027b9ac3491ff09480e
SHA1

0a5043b3069dd8584205977ba52f43c970bfb898
SHA256

713a88bfb22911a3403d35c754fa64d00efae0cbf3ec190f3ac09839f5ca6ffc
SHA512

a09c0c33f6b5afd19e86b3252aba3d718ab94697599f91e8d24e18fe365ff93954a4c0299844687b4c997811a65f2a7672cc88f83128c8a5aeabeb6d91404110
SSDEEP

196608:Ei9O9nK/HbZ49RBmVE0vv8xMxGaU/4hBDf8sxrVWCTYKUAAlw:m9K/HbZ49WVfXwydfxrVW8Uxw

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  713a88bfb22911a3403d35c754fa64d00efae0cbf3ec190f3ac09839f5ca6ffc
- Size
  
  7.7MB
- MD5
  
  e2b515dbf84c2027b9ac3491ff09480e
- SHA1
  
  0a5043b3069dd8584205977ba52f43c970bfb898
- SHA256
  
  713a88bfb22911a3403d35c754fa64d00efae0cbf3ec190f3ac09839f5ca6ffc
- SHA512
  
  a09c0c33f6b5afd19e86b3252aba3d718ab94697599f91e8d24e18fe365ff93954a4c0299844687b4c997811a65f2a7672cc88f83128c8a5aeabeb6d91404110
- SSDEEP
  
  196608:Ei9O9nK/HbZ49RBmVE0vv8xMxGaU/4hBDf8sxrVWCTYKUAAlw:m9K/HbZ49WVfXwydfxrVW8Uxw
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence