c8b71fd65b9bd79f9ff256ac251364197c83fff145435fdf8924486d5341f162 | Triage

Sharing

General

Target

c8b71fd65b9bd79f9ff256ac251364197c83fff145435fdf8924486d5341f162
Size

6.6MB
Sample

240628-c3s9zawhmh
MD5

50988ba5ebd7e11da9cea1407022c7e2
SHA1

857302a3f0a2b9637320fdcb30bf1bcdd1005bbe
SHA256

c8b71fd65b9bd79f9ff256ac251364197c83fff145435fdf8924486d5341f162
SHA512

038035ff99322c06f690f7667c3724b292dff10e4e26833e1d4bc4b4d56504da2abc47c98e3524c0310182469e53b773b8ce245ff5f02d90e5e83d9bbb47ba1a
SSDEEP

196608:NGXQiaF7UPs7m9a9wePdq+55Czy6uMiYdDMS4SKwi6uO:NsQiaFHmk97Pw+55CzNtiYdDMrSKuuO

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  c8b71fd65b9bd79f9ff256ac251364197c83fff145435fdf8924486d5341f162
- Size
  
  6.6MB
- MD5
  
  50988ba5ebd7e11da9cea1407022c7e2
- SHA1
  
  857302a3f0a2b9637320fdcb30bf1bcdd1005bbe
- SHA256
  
  c8b71fd65b9bd79f9ff256ac251364197c83fff145435fdf8924486d5341f162
- SHA512
  
  038035ff99322c06f690f7667c3724b292dff10e4e26833e1d4bc4b4d56504da2abc47c98e3524c0310182469e53b773b8ce245ff5f02d90e5e83d9bbb47ba1a
- SSDEEP
  
  196608:NGXQiaF7UPs7m9a9wePdq+55Czy6uMiYdDMS4SKwi6uO:NsQiaFHmk97Pw+55CzNtiYdDMrSKuuO
Score

6^/10

bootkit persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence