35fffba20de2b9c8c74708f99d4e21df4532165c2164bfb396b1dcca50e6ef79 | Triage

Sharing

General

Target

Technetium.zip
Size

96KB
Sample

240525-lvz7zsda41
MD5

df17b4bf9ea1f2c46f234fd4ef345e87
SHA1

5a176f333537fec1d38f2dd043b572bb1d2c5bbd
SHA256

35fffba20de2b9c8c74708f99d4e21df4532165c2164bfb396b1dcca50e6ef79
SHA512

b626eff80de08be9ee246a047af20bfa97ebff1dc22862c9a90a2adf728ea0b1e7441f78cfa188fc4dd687c52a382143ae1dfe8519eb3ebc77c5a19d9d1b84fb
SSDEEP

3072:9cPKaikMNfV4NQHLucb4GBocD3FTPTSgqM:+SaYttyc7WyPTf

Score

8^/10

bootkit evasion persistence

Malware Config

Targets

- Target
  
  Technetium-safety.exe
- Size
  
  88KB
- MD5
  
  f1fe8b17b6ba2ebb8c9679f21a39d83c
- SHA1
  
  77b20cdcb3725f3f8974c66249a421072419c184
- SHA256
  
  236ca7c8dda7f59f3ad4af622879a180f6871626a8db0c796ac132c83c0f2689
- SHA512
  
  7b0b03d4db824a841f98b68192cfe07eb3fce3b8b14b22ec9a70ad12fb9bb5234e5fee5ebf4238a96559de8b3badf64d5a8f46ad70c736e75b0f230ce0c906e6
- SSDEEP
  
  1536:Z1PS5IQIp1ukt6tzPpeOFKFNorgw1CkmlDNYJEusWwScdNesMc+xbYPU:PpIktKLpPQFNord1yoMTNesMc+9Ys
Score

1^/10
behavioral1
- Target
  
  Technetium.exe
- Size
  
  95KB
- MD5
  
  38362b6d84bce0aced80e31654466fc8
- SHA1
  
  5782809029ff8861990ce6b418cc92fc862b10c1
- SHA256
  
  b2653e241f55cbf5cd765867a4657dd0d6b6132e621d422b5ac14b6a25d349b1
- SHA512
  
  89b2e1782ef605b7f19551d1f4cc7b0126543dde04b70e18b61adcb34b954efe4174cc3da5f29d0b76e6603bde9c3e8f2de36195c262773e587983f561c9eb0a
- SSDEEP
  
  1536:3JVsCbgYChSrfmEfhML4kqJfe4qQTueOvTo5hMsWCxtcdCOUVBJ93i:wbhSr+OhAVqJf8QrQYhTx8CXJ93
Score

8^/10

bootkit evasion persistence
- Disables Task Manager via registry modification
  evasion
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Pre-OS Boot

Bootkit

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

bootkitevasionpersistence