af23ff1818fe3c7fe2a9539e34ab1fa98c254e37fb90d349d6ed87795cefd62e | Triage

Submit
Reports

Overview

overview

7

Static

static

1

sample.html

windows11-21h2-x64

7

Resubmissions

01-07-2024 08:58

240701-kw98xaselg 6

01-07-2024 08:49

240701-kq6zassclb 8

01-07-2024 08:34

240701-kgfezsvenj 8

01-07-2024 08:31

240701-kepkwavdqm 8

01-07-2024 08:26

240701-kbzlnsvcnq 8

01-07-2024 08:15

240701-j5qees1brb 7

Sharing

General

Target

sample
Size

491KB
Sample

240701-j5qees1brb
MD5

06352c227e31e52c4a33996144be71da
SHA1

2e2879e290b3a411a80ec6661c9e277a8f21b2e7
SHA256

af23ff1818fe3c7fe2a9539e34ab1fa98c254e37fb90d349d6ed87795cefd62e
SHA512

40e5d682b3186f1a69c248e6199648b378ad825f8ae5db319979af7af123374dab1706032f7ad196afed8e74741abdaded1ec9d9ea5b85dc71995f4478009b5f
SSDEEP

6144:VD/AY/AYrAYyAYdAYSAYKAYsAYzAYpAYgbg:VDAiAUARA0A5ANA9AOAWAbbg

Score

7^/10

bootkit persistence

Static task

static1

Behavioral task

behavioral1

Sample

sample.html

Resource

win11-20240508-en

bootkit persistence

windows11-21h2-x64

15 signatures

1800 seconds

Malware Config

Targets

- Target
  
  sample
- Size
  
  491KB
- MD5
  
  06352c227e31e52c4a33996144be71da
- SHA1
  
  2e2879e290b3a411a80ec6661c9e277a8f21b2e7
- SHA256
  
  af23ff1818fe3c7fe2a9539e34ab1fa98c254e37fb90d349d6ed87795cefd62e
- SHA512
  
  40e5d682b3186f1a69c248e6199648b378ad825f8ae5db319979af7af123374dab1706032f7ad196afed8e74741abdaded1ec9d9ea5b85dc71995f4478009b5f
- SSDEEP
  
  6144:VD/AY/AYrAYyAYdAYSAYKAYsAYzAYpAYgbg:VDAiAUARA0A5ANA9AOAWAbbg
Score

7^/10

bootkit persistence
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

bootkitpersistence

© 2018-2024

Terms | Privacy