b996abe0380cf3c59a32f1573fe0bdd51c69d7096e9034d43415de71684770e9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b996abe0380cf3c59a32f1573fe0bdd51c69d7096e9034d43415de71684770e9
Size

11.3MB
Sample

240703-zgek1swfpr
MD5

a1a822766c39ea68c333d6837996f33b
SHA1

1d22da2b9f2d4d1d7fcb02916908e534c576eb60
SHA256

b996abe0380cf3c59a32f1573fe0bdd51c69d7096e9034d43415de71684770e9
SHA512

deca6e208ea9ce72a1084de8e4056dc07f7b0cd2eeacc6bc7af1637eb497ad4574cda29d5c602435071b60d6f8fb59b1b80ccb8aaefd9f0ef596d23b786e8fb2
SSDEEP

98304:ASriysbuPIY4HWsR6nZZHgVrsEcTiiAvLa0oYkufaI5gn/H6gkMuHrKJJBAUZLC0:KaPIY4HSZHgVrsEyi80+g75gCOJJVm0

Score

7^/10

bootkit persistence

Malware Config

Targets

- Target
  
  b996abe0380cf3c59a32f1573fe0bdd51c69d7096e9034d43415de71684770e9
- Size
  
  11.3MB
- MD5
  
  a1a822766c39ea68c333d6837996f33b
- SHA1
  
  1d22da2b9f2d4d1d7fcb02916908e534c576eb60
- SHA256
  
  b996abe0380cf3c59a32f1573fe0bdd51c69d7096e9034d43415de71684770e9
- SHA512
  
  deca6e208ea9ce72a1084de8e4056dc07f7b0cd2eeacc6bc7af1637eb497ad4574cda29d5c602435071b60d6f8fb59b1b80ccb8aaefd9f0ef596d23b786e8fb2
- SSDEEP
  
  98304:ASriysbuPIY4HWsR6nZZHgVrsEcTiiAvLa0oYkufaI5gn/H6gkMuHrKJJBAUZLC0:KaPIY4HSZHgVrsEyi80+g75gCOJJVm0
Score

7^/10

bootkit persistence
- Executes dropped EXE
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2