ROCKBOOT - S0112 (cba78a1c-186f-4112-9e6a-be1839f030f7)

ROCKBOOT is a Bootkit that has been used by an unidentified, suspected China-based group. (Citation: FireEye Bootkits)

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
Bootkit - T1542.003 (1b7b1806-7746-41a1-a35d-e48dae25ddba)	Attack Pattern	ROCKBOOT - S0112 (cba78a1c-186f-4112-9e6a-be1839f030f7)	Malware	1
Bootkit - T1542.003 (1b7b1806-7746-41a1-a35d-e48dae25ddba)	Attack Pattern	Pre-OS Boot - T1542 (7f0ca133-88c4-40c6-a62f-b3083a7fbc2e)	Attack Pattern	2