3607b05b96530494b0bb7b1ff83691cf48a67a960211452e0333f1b9e00ec441 | Triage

Sharing

General

Target

3607b05b96530494b0bb7b1ff83691cf48a67a960211452e0333f1b9e00ec441
Size

4.8MB
Sample

240907-nn32easdpg
MD5

5ce390518ccc5671235230cae228fc20
SHA1

e687aeae15e2427f421afadf43f182a16c4a0fcb
SHA256

3607b05b96530494b0bb7b1ff83691cf48a67a960211452e0333f1b9e00ec441
SHA512

df901a50fed0dcbb395ee1790a71af20ce567222117bebad54b0c5374766cbceb2111d16c5fab0e721bd27240b9e8fc4ff3825dee635a9caa30e4880ea085f86
SSDEEP

98304:WeLpmrmc2lAu28lkcf5YjovKqGYiOE8oLj5dIClU3OOQO+YQ:FcmZl85gyjovK65E8oEClU3oO1Q

Score

7^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  3607b05b96530494b0bb7b1ff83691cf48a67a960211452e0333f1b9e00ec441
- Size
  
  4.8MB
- MD5
  
  5ce390518ccc5671235230cae228fc20
- SHA1
  
  e687aeae15e2427f421afadf43f182a16c4a0fcb
- SHA256
  
  3607b05b96530494b0bb7b1ff83691cf48a67a960211452e0333f1b9e00ec441
- SHA512
  
  df901a50fed0dcbb395ee1790a71af20ce567222117bebad54b0c5374766cbceb2111d16c5fab0e721bd27240b9e8fc4ff3825dee635a9caa30e4880ea085f86
- SSDEEP
  
  98304:WeLpmrmc2lAu28lkcf5YjovKqGYiOE8oLj5dIClU3OOQO+YQ:FcmZl85gyjovK65E8oEClU3oO1Q
Score

7^/10

bootkit discovery persistence
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2

bootkitdiscoverypersistence