5018b0fc94dd7650ee304dd60554c21037e3de39e32486a23106d02254c35f82 | Triage

Sharing

General

Target

5018b0fc94dd7650ee304dd60554c21037e3de39e32486a23106d02254c35f82
Size

4.8MB
Sample

240526-1r3k9sec33
MD5

130169bc2bcf6985ab09ef5373089be2
SHA1

f1ad26eaa6b47c98bd07ab0da925d54bbc168be3
SHA256

5018b0fc94dd7650ee304dd60554c21037e3de39e32486a23106d02254c35f82
SHA512

b6000660cda724509c2413736de0b77b07a616429babecfc64f3ad4ea08a6302378edb4ae523379a75b580b1ea125a9c69aa91e2083b982ed4e77d4ca08a6273
SSDEEP

98304:seLpmrmc2lAu28lkcf5YjovKqGYiOE8oLj5YINfSyo8aXV:TcmZl85gyjovK65E8ob5Sx8aXV

Score

7^/10

bootkit persistence

Malware Config

Targets

- Target
  
  5018b0fc94dd7650ee304dd60554c21037e3de39e32486a23106d02254c35f82
- Size
  
  4.8MB
- MD5
  
  130169bc2bcf6985ab09ef5373089be2
- SHA1
  
  f1ad26eaa6b47c98bd07ab0da925d54bbc168be3
- SHA256
  
  5018b0fc94dd7650ee304dd60554c21037e3de39e32486a23106d02254c35f82
- SHA512
  
  b6000660cda724509c2413736de0b77b07a616429babecfc64f3ad4ea08a6302378edb4ae523379a75b580b1ea125a9c69aa91e2083b982ed4e77d4ca08a6273
- SSDEEP
  
  98304:seLpmrmc2lAu28lkcf5YjovKqGYiOE8oLj5YINfSyo8aXV:TcmZl85gyjovK65E8ob5Sx8aXV
Score

7^/10

bootkit persistence
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence