2855c484d93aaf89a75eef934aedaec152b969869c0c1fdf62cacf9e28f0238f | Triage

Sharing

General

Target

2855c484d93aaf89a75eef934aedaec152b969869c0c1fdf62cacf9e28f0238f
Size

6.5MB
Sample

240727-ac7zbstclr
MD5

ddb5fd7609e23dc521a5f07abcc8d873
SHA1

65e913dcc7149d6ed378aee5bfe9526846a47ef4
SHA256

2855c484d93aaf89a75eef934aedaec152b969869c0c1fdf62cacf9e28f0238f
SHA512

f5c8e71dc4cde3cfcfeb19f97427a723a1c83dfaa42d3c62dd56f8aaa237d66cb7a12de2b5aa0511d8de0d77967dd4740e2c6dbdcfad4b37f0e6a72fd4586c8f
SSDEEP

98304:euIvRPGNq9I13NpDBRYhdLyFfqZ8d/E71XZ8glVbwAicVbwV/NKsedAnC:vIvR+N02NlLYrLAhEYh/Mbdd

Score

7^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  2855c484d93aaf89a75eef934aedaec152b969869c0c1fdf62cacf9e28f0238f
- Size
  
  6.5MB
- MD5
  
  ddb5fd7609e23dc521a5f07abcc8d873
- SHA1
  
  65e913dcc7149d6ed378aee5bfe9526846a47ef4
- SHA256
  
  2855c484d93aaf89a75eef934aedaec152b969869c0c1fdf62cacf9e28f0238f
- SHA512
  
  f5c8e71dc4cde3cfcfeb19f97427a723a1c83dfaa42d3c62dd56f8aaa237d66cb7a12de2b5aa0511d8de0d77967dd4740e2c6dbdcfad4b37f0e6a72fd4586c8f
- SSDEEP
  
  98304:euIvRPGNq9I13NpDBRYhdLyFfqZ8d/E71XZ8glVbwAicVbwV/NKsedAnC:vIvR+N02NlLYrLAhEYh/Mbdd
Score

7^/10

bootkit discovery persistence
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Location Discovery

System Language Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2

bootkitdiscoverypersistence