General

  • Target

    subsystem.exe

  • Size

    622KB

  • Sample

    241121-zdn1aa1rbq

  • MD5

    56c1cffa45f19567384794ad5b5a123e

  • SHA1

    04d31e81611d0d3c76965af9a8072bf4e5648a83

  • SHA256

    0f5524a0a6a6cbdd4fefba43950f66ecf1b2cab791068ad94a2b230722a187c2

  • SHA512

    9afce089386a0249d0acd3e4468dd960ad1ce07c506845ed5880b8a1d649d07860625d63c3d7e4b59ae7c05c15252e97d2f366c89630a783731efd38d8a0a3d6

  • SSDEEP

    12288:aKvSnCfYnDoBaaKTAiz+1yKYqcLZAYFj848XnLZRYHuezzm:/ACfYnDoBaAyKTcLKeB8XLZUue

Targets

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
