261c2dfeefc2dcb9c7a93eca182508e79e1d06397c61ca602bed98d28aac1c7f | Triage

Sharing

General

Target

261c2dfeefc2dcb9c7a93eca182508e79e1d06397c61ca602bed98d28aac1c7f
Size

4.8MB
Sample

240907-dzvjasseqj
MD5

e7e05ef4903ee9d062acf795b4898c89
SHA1

88533d73c8fb3b6655b7c05f1455ac5393054d64
SHA256

261c2dfeefc2dcb9c7a93eca182508e79e1d06397c61ca602bed98d28aac1c7f
SHA512

177bca632c3e3d1b8bd6a0ecb3bac3df66a4c09214d62331868667f710f0a0eb20ee9f95fa91aed0b5c2ba32735dabb76f110aa8a4bb59fa90906dfb44d34546
SSDEEP

98304:cVeM4VwHuokyfK8PGcx2HynIiprw0F80XZeG7:6AVw6kx2SnIe84eG7

Score

7^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  261c2dfeefc2dcb9c7a93eca182508e79e1d06397c61ca602bed98d28aac1c7f
- Size
  
  4.8MB
- MD5
  
  e7e05ef4903ee9d062acf795b4898c89
- SHA1
  
  88533d73c8fb3b6655b7c05f1455ac5393054d64
- SHA256
  
  261c2dfeefc2dcb9c7a93eca182508e79e1d06397c61ca602bed98d28aac1c7f
- SHA512
  
  177bca632c3e3d1b8bd6a0ecb3bac3df66a4c09214d62331868667f710f0a0eb20ee9f95fa91aed0b5c2ba32735dabb76f110aa8a4bb59fa90906dfb44d34546
- SSDEEP
  
  98304:cVeM4VwHuokyfK8PGcx2HynIiprw0F80XZeG7:6AVw6kx2SnIe84eG7
Score

7^/10

bootkit discovery persistence
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Pre-OS Boot

Bootkit

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2

bootkitdiscoverypersistence