b8dfe3eddacbc421ac90fddfb5322e9ae2c5df5d1a567fc5308a22e67c429dbb | Triage

Sharing

General

Target

b8dfe3eddacbc421ac90fddfb5322e9ae2c5df5d1a567fc5308a22e67c429dbb
Size

4.8MB
Sample

240927-lsgb4ayhpc
MD5

8fb6b9b5a72576a6e85ae16adada1916
SHA1

a4f20676a0a9e2d2dd5426149d2be999a24de3cb
SHA256

b8dfe3eddacbc421ac90fddfb5322e9ae2c5df5d1a567fc5308a22e67c429dbb
SHA512

8feec54f8e0e774177a628436a44bc541a1f9dc8c2495de8f6c82191c9aa7747b5493ecc737f53a405ecc5e0984167d14f978465cfe0888b7063f3582d6d915b
SSDEEP

49152:AjLG+gXmn2DBn7Nk9RpKeVED4/vvqEDrz9HjR5Zs3GkRVb2cWf8ugIgBXYuTgJnG:XFS9RptXjXs3G8WH/g5tTgJRH46Vc4i

Score

7^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  b8dfe3eddacbc421ac90fddfb5322e9ae2c5df5d1a567fc5308a22e67c429dbb
- Size
  
  4.8MB
- MD5
  
  8fb6b9b5a72576a6e85ae16adada1916
- SHA1
  
  a4f20676a0a9e2d2dd5426149d2be999a24de3cb
- SHA256
  
  b8dfe3eddacbc421ac90fddfb5322e9ae2c5df5d1a567fc5308a22e67c429dbb
- SHA512
  
  8feec54f8e0e774177a628436a44bc541a1f9dc8c2495de8f6c82191c9aa7747b5493ecc737f53a405ecc5e0984167d14f978465cfe0888b7063f3582d6d915b
- SSDEEP
  
  49152:AjLG+gXmn2DBn7Nk9RpKeVED4/vvqEDrz9HjR5Zs3GkRVb2cWf8ugIgBXYuTgJnG:XFS9RptXjXs3G8WH/g5tTgJRH46Vc4i
Score

7^/10

bootkit discovery persistence
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2

bootkitdiscoverypersistence