841678461212803669c7cc19815f64e41457baefa7fe72306f613124e1c2da94 | Triage

Sharing

General

Target

SecuriteInfo.com.BScope.Trojan.Gleamaster.31531.30189.exe
Size

3.7MB
Sample

240727-e1c63sxcmk
MD5

465a36be17c21d86f4e0a1c23604c10b
SHA1

579ef97fc5065c9f1f15053200317b61c62c741b
SHA256

841678461212803669c7cc19815f64e41457baefa7fe72306f613124e1c2da94
SHA512

c6afeadb5045d38dc58de2ad6509d8ed65bf55667e42a0a0617e047e22d712f824106bc335481d0660d94ec0edd23ca00bb50009794f20004a526a45fbfae989
SSDEEP

98304:gJNy4LlAnp37Ekmuce5XdZaPgloBhlpv9S5vCvxCW:gJN1l7e5XdfE9S5vqx/

Score

6^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  SecuriteInfo.com.BScope.Trojan.Gleamaster.31531.30189.exe
- Size
  
  3.7MB
- MD5
  
  465a36be17c21d86f4e0a1c23604c10b
- SHA1
  
  579ef97fc5065c9f1f15053200317b61c62c741b
- SHA256
  
  841678461212803669c7cc19815f64e41457baefa7fe72306f613124e1c2da94
- SHA512
  
  c6afeadb5045d38dc58de2ad6509d8ed65bf55667e42a0a0617e047e22d712f824106bc335481d0660d94ec0edd23ca00bb50009794f20004a526a45fbfae989
- SSDEEP
  
  98304:gJNy4LlAnp37Ekmuce5XdZaPgloBhlpv9S5vCvxCW:gJN1l7e5XdfE9S5vqx/
Score

6^/10

bootkit discovery persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2

bootkitdiscoverypersistence