67588b35aa84ebcbe5403985d59f03f6f077f9a2a91683c9343dc882ce9c6e00 | Triage

Sharing

General

Target

67588b35aa84ebcbe5403985d59f03f6f077f9a2a91683c9343dc882ce9c6e00
Size

4.8MB
Sample

240908-bwkhtayhnb
MD5

406a3e905e59d6ca52b85a62f1244af1
SHA1

7119eb7a54f4a319517fde01046c433c91a5cb00
SHA256

67588b35aa84ebcbe5403985d59f03f6f077f9a2a91683c9343dc882ce9c6e00
SHA512

7eee0c22a6518c67fe3a0bb26cf46e8cc263f0825e34d970dc373afb93fae06f11f3bf53cce8b8a1dedaefb65f4a6b28012276aa2a188363ab46fd16eca84cea
SSDEEP

98304:cVeM4VwHuokyfK8PGcx2HynIiprw0F80XZeGS:6AVw6kx2SnIe84eGS

Score

7^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  67588b35aa84ebcbe5403985d59f03f6f077f9a2a91683c9343dc882ce9c6e00
- Size
  
  4.8MB
- MD5
  
  406a3e905e59d6ca52b85a62f1244af1
- SHA1
  
  7119eb7a54f4a319517fde01046c433c91a5cb00
- SHA256
  
  67588b35aa84ebcbe5403985d59f03f6f077f9a2a91683c9343dc882ce9c6e00
- SHA512
  
  7eee0c22a6518c67fe3a0bb26cf46e8cc263f0825e34d970dc373afb93fae06f11f3bf53cce8b8a1dedaefb65f4a6b28012276aa2a188363ab46fd16eca84cea
- SSDEEP
  
  98304:cVeM4VwHuokyfK8PGcx2HynIiprw0F80XZeGS:6AVw6kx2SnIe84eGS
Score

7^/10

bootkit discovery persistence
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Pre-OS Boot

Bootkit

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2

bootkitdiscoverypersistence