a6ba8e1708cc4a769c357aba35c6f02dff20ff4c2868384c752d1332998a7c51 | Triage

Sharing

General

Target

a6ba8e1708cc4a769c357aba35c6f02dff20ff4c2868384c752d1332998a7c51
Size

9.8MB
Sample

240525-ththnshh8x
MD5

247b3eb9ce317ea888426f8971dbae0e
SHA1

469bad6df7387eacbadd25b84892c89d61e76f8c
SHA256

a6ba8e1708cc4a769c357aba35c6f02dff20ff4c2868384c752d1332998a7c51
SHA512

589a3a28ebb56c1384491242845e884620769483c5f44f4756275d284ce2c581c30c116cd514f9bf416fc5987d6f03c6a26f15189b9093dabc2783325b162109
SSDEEP

196608:mtWofdT+Itml0MnhJ/Ko1TIpeZvIhD0DYeBb97Hvng8v/KDpzO/JWPtAWyyuH:9ofd6EmlDnhUo10WDnZPVv/KpO/JgtAr

Score

7^/10

bootkit persistence

Malware Config

Targets

- Target
  
  a6ba8e1708cc4a769c357aba35c6f02dff20ff4c2868384c752d1332998a7c51
- Size
  
  9.8MB
- MD5
  
  247b3eb9ce317ea888426f8971dbae0e
- SHA1
  
  469bad6df7387eacbadd25b84892c89d61e76f8c
- SHA256
  
  a6ba8e1708cc4a769c357aba35c6f02dff20ff4c2868384c752d1332998a7c51
- SHA512
  
  589a3a28ebb56c1384491242845e884620769483c5f44f4756275d284ce2c581c30c116cd514f9bf416fc5987d6f03c6a26f15189b9093dabc2783325b162109
- SSDEEP
  
  196608:mtWofdT+Itml0MnhJ/Ko1TIpeZvIhD0DYeBb97Hvng8v/KDpzO/JWPtAWyyuH:9ofd6EmlDnhUo10WDnZPVv/KpO/JgtAr
Score

7^/10

bootkit persistence
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence