bb7d153edef7206de0623c65e40160b51605d2bd66f557317c50ba6bc0bb9f75 | Triage

Sharing

General

Target

bb7d153edef7206de0623c65e40160b51605d2bd66f557317c50ba6bc0bb9f75
Size

4.8MB
Sample

240906-q9y1pa1aqc
MD5

75dd19dd1df1c2b2d111837c03535591
SHA1

674730d052a706442aae4c1c6c71d0b73f90ea50
SHA256

bb7d153edef7206de0623c65e40160b51605d2bd66f557317c50ba6bc0bb9f75
SHA512

e14854e9fa634e7a8a941abb9f641b906562c7ea0807d647254f584e8d6cae6b741b170a5fdb22cea43b7f2b9090de25251607d7f0be0440b3909d0704da43ed
SSDEEP

98304:cVeM4VwHuokyfK8PGcx2HynIiprw0F80XZeGN:6AVw6kx2SnIe84eGN

Score

7^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  bb7d153edef7206de0623c65e40160b51605d2bd66f557317c50ba6bc0bb9f75
- Size
  
  4.8MB
- MD5
  
  75dd19dd1df1c2b2d111837c03535591
- SHA1
  
  674730d052a706442aae4c1c6c71d0b73f90ea50
- SHA256
  
  bb7d153edef7206de0623c65e40160b51605d2bd66f557317c50ba6bc0bb9f75
- SHA512
  
  e14854e9fa634e7a8a941abb9f641b906562c7ea0807d647254f584e8d6cae6b741b170a5fdb22cea43b7f2b9090de25251607d7f0be0440b3909d0704da43ed
- SSDEEP
  
  98304:cVeM4VwHuokyfK8PGcx2HynIiprw0F80XZeGN:6AVw6kx2SnIe84eGN
Score

7^/10

bootkit discovery persistence
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Pre-OS Boot

Bootkit

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2

bootkitdiscoverypersistence