c994aadf61fdf2ae5014fa754ad422e756e34b4e169b6e1b3b361279af569c1c | Triage

Sharing

General

Target

c994aadf61fdf2ae5014fa754ad422e756e34b4e169b6e1b3b361279af569c1c
Size

4.8MB
Sample

240929-pfgzmsxdjd
MD5

73fe2ee15551ae3cbd826681a2fee6c6
SHA1

fc576a679fe5fd0ce2904411e4b3614bc36dd832
SHA256

c994aadf61fdf2ae5014fa754ad422e756e34b4e169b6e1b3b361279af569c1c
SHA512

21244928322c2497e9a55aaaeb95447813e69970d55791fc4a6fef5ba813efc7ffa92b606754549ddebb72ce2bd9c98445f2f109a83f0ebf30288dc491ba10a6
SSDEEP

98304:TVeM4VwHuokyfO8PGcx2HynIiprw0F80XZ/Kg/:5AVw+kx2SnIe84Cg/

Score

7^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  c994aadf61fdf2ae5014fa754ad422e756e34b4e169b6e1b3b361279af569c1c
- Size
  
  4.8MB
- MD5
  
  73fe2ee15551ae3cbd826681a2fee6c6
- SHA1
  
  fc576a679fe5fd0ce2904411e4b3614bc36dd832
- SHA256
  
  c994aadf61fdf2ae5014fa754ad422e756e34b4e169b6e1b3b361279af569c1c
- SHA512
  
  21244928322c2497e9a55aaaeb95447813e69970d55791fc4a6fef5ba813efc7ffa92b606754549ddebb72ce2bd9c98445f2f109a83f0ebf30288dc491ba10a6
- SSDEEP
  
  98304:TVeM4VwHuokyfO8PGcx2HynIiprw0F80XZ/Kg/:5AVw+kx2SnIe84Cg/
Score

7^/10

bootkit discovery persistence
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Pre-OS Boot

Bootkit

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2

bootkitdiscoverypersistence