JUST RELEASED: ATT&CK for Industrial Control Systems

BOOTRASH

BOOTRASH is a Bootkit that targets Windows operating systems. It has been used by threat actors that target the financial sector. [1]

ID: S0114
Type: MALWARE
Platforms: Windows
Version: 1.0
Created: 31 May 2017
Last Modified: 17 October 2018

Techniques Used

Domain ID Name Use
Enterprise T1067 Bootkit

BOOTRASH is a Volume Boot Record (VBR) bootkit that uses the VBR to maintain persistence.[1]

References