f0c6b7a3733d3cb2b1b6ccdb3777a9b5e6f06d57d44ee03fdc75b5169e5dbc87 | Triage

Sharing

General

Target

d09cbd654dd56c4c75fc279baa34c940N.exe
Size

391KB
Sample

240911-hyfe7sygna
MD5

d09cbd654dd56c4c75fc279baa34c940
SHA1

4f568ec370baee69c4cd7ab6e5332849acd3084a
SHA256

f0c6b7a3733d3cb2b1b6ccdb3777a9b5e6f06d57d44ee03fdc75b5169e5dbc87
SHA512

2c457a19ba75a5643de5c32de2c0bd577fbf4978b2c29f5834b8496d084fa05362f22229785d022c94eedde3b75b59303e85c9d5d8d5942c3787a341a0bd2f93
SSDEEP

12288:74EqnNBqQuzxv0tpRsbQ5Q/W1meyUGpXP0b2:7+nNBqbR0tpRsbQ5Q/W1HG582

Score

7^/10

aspackv2 bootkit discovery persistence

Malware Config

Targets

- Target
  
  d09cbd654dd56c4c75fc279baa34c940N.exe
- Size
  
  391KB
- MD5
  
  d09cbd654dd56c4c75fc279baa34c940
- SHA1
  
  4f568ec370baee69c4cd7ab6e5332849acd3084a
- SHA256
  
  f0c6b7a3733d3cb2b1b6ccdb3777a9b5e6f06d57d44ee03fdc75b5169e5dbc87
- SHA512
  
  2c457a19ba75a5643de5c32de2c0bd577fbf4978b2c29f5834b8496d084fa05362f22229785d022c94eedde3b75b59303e85c9d5d8d5942c3787a341a0bd2f93
- SSDEEP
  
  12288:74EqnNBqQuzxv0tpRsbQ5Q/W1meyUGpXP0b2:7+nNBqbR0tpRsbQ5Q/W1HG582
Score

6^/10

bootkit discovery persistence
- Adds Run key to start application
  persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Pre-OS Boot

Bootkit

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2

bootkitdiscoverypersistence