f188556db75e2fc535533494e783e73f2641efc87649fb57fd5fe3cdbbd6b987 | Triage

Sharing

General

Target

f188556db75e2fc535533494e783e73f2641efc87649fb57fd5fe3cdbbd6b987
Size

6.4MB
Sample

240802-3wlveszera
MD5

3bb1c4f2834b417263219c9fb1d2cf33
SHA1

036c97647f8157c5ac4c42c2c87c5b67f6e9c325
SHA256

f188556db75e2fc535533494e783e73f2641efc87649fb57fd5fe3cdbbd6b987
SHA512

22068b6bd7096b1f08d99e4cc1b407f912a359f97af8ecd556a37cb64665db6f3f8c8e11b21a151a8fa27a86879f758f35c10017b2c933e0ede47b138c0f8ad8
SSDEEP

98304:nuIvRWGNq9I13NpDBRYhdLyFfqZ8d/E71XZ8gVZHWMZjwnNKsedAnC:uIvRxN02NlLYrLAhEYWHWKjgMbdd

Score

7^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  f188556db75e2fc535533494e783e73f2641efc87649fb57fd5fe3cdbbd6b987
- Size
  
  6.4MB
- MD5
  
  3bb1c4f2834b417263219c9fb1d2cf33
- SHA1
  
  036c97647f8157c5ac4c42c2c87c5b67f6e9c325
- SHA256
  
  f188556db75e2fc535533494e783e73f2641efc87649fb57fd5fe3cdbbd6b987
- SHA512
  
  22068b6bd7096b1f08d99e4cc1b407f912a359f97af8ecd556a37cb64665db6f3f8c8e11b21a151a8fa27a86879f758f35c10017b2c933e0ede47b138c0f8ad8
- SSDEEP
  
  98304:nuIvRWGNq9I13NpDBRYhdLyFfqZ8d/E71XZ8gVZHWMZjwnNKsedAnC:uIvRxN02NlLYrLAhEYWHWKjgMbdd
Score

7^/10

bootkit discovery persistence
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2

bootkitdiscoverypersistence