9ecd351b9ca9f33d6a7bcf7d08e4ff6881ec9d07efa84eacf147f17b9ffb708b | Triage

Sharing

General

Target

110a91eb09c725f9548722e130ea745d_JaffaCakes118
Size

727KB
Sample

240503-v1m92sbg7y
MD5

110a91eb09c725f9548722e130ea745d
SHA1

5b6b80a26d974b5c93cbc84b9f492c7559676138
SHA256

9ecd351b9ca9f33d6a7bcf7d08e4ff6881ec9d07efa84eacf147f17b9ffb708b
SHA512

1053c3b36e1335839248905ff117211292c17f307ee0d868267aef668eae5458d1c2179eef9ae1d5793bfae0313782ad70700163a67bd0a824543031b9cfdb32
SSDEEP

12288:rwECaUglPnFsk7P0UahDyDT1dBRXjIjpieT+VWt:rwEC70qkgUahDuTRreT+It

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  110a91eb09c725f9548722e130ea745d_JaffaCakes118
- Size
  
  727KB
- MD5
  
  110a91eb09c725f9548722e130ea745d
- SHA1
  
  5b6b80a26d974b5c93cbc84b9f492c7559676138
- SHA256
  
  9ecd351b9ca9f33d6a7bcf7d08e4ff6881ec9d07efa84eacf147f17b9ffb708b
- SHA512
  
  1053c3b36e1335839248905ff117211292c17f307ee0d868267aef668eae5458d1c2179eef9ae1d5793bfae0313782ad70700163a67bd0a824543031b9cfdb32
- SSDEEP
  
  12288:rwECaUglPnFsk7P0UahDyDT1dBRXjIjpieT+VWt:rwEC70qkgUahDuTRreT+It
Score

6^/10

bootkit persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence