T1542.003
Bootkit
Adversaries may use bootkits to persist on systems. A bootkit is a malware variant that modifies the boot sectors of a hard drive, allowing malicious code to execute before a computer's operating system has loaded. Bootkits reside at a layer below the operating system and may make it difficult to perform full remediation unless an organization suspects one was used and can act accordingly. In BIOS systems, a bootkit may modify the Master Boot Record (MBR) and/or Volume Boot Record (VBR).(Citati...
Linux, Windows
3 Detections
3 Sources
3 Threat Actors
BY SOURCE
1 elastic, 1 sigma, 1 splunk_escu
PROCEDURES (3)
Persist (1 detection)
Auto-extracted: 1 detection for persist
Process Creation Monitoring (1 detection)
Auto-extracted: 1 detection for process creation monitoring
Persist (1 detection)
Auto-extracted: 1 detection for persist