c5fe31af804001871e25638c51987d8d75ecead9735d57bff3118fbdd1aa1c34 | Triage

Sharing

General

Target

f9162b4e070d652a41f44e43f4249ccf_JaffaCakes118
Size

716KB
Sample

240419-an2lpaba87
MD5

f9162b4e070d652a41f44e43f4249ccf
SHA1

17ad68efd4cc0a5090a8bf565f161cca98e9fe91
SHA256

c5fe31af804001871e25638c51987d8d75ecead9735d57bff3118fbdd1aa1c34
SHA512

e9043eae3fa356bb6400acef293a5572c75cd3a5cac90e2037ea5aade1ffa5556de4d9e5c8a995d5592464a7a3af787ed5388d87d66f43eadba3360f7a7a5566
SSDEEP

12288:ukmAqNhBrYvg6QiEDCyxDdy0zBRXjIjbvZIa9z:uN5Bv6QiEjJy0lReII

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  f9162b4e070d652a41f44e43f4249ccf_JaffaCakes118
- Size
  
  716KB
- MD5
  
  f9162b4e070d652a41f44e43f4249ccf
- SHA1
  
  17ad68efd4cc0a5090a8bf565f161cca98e9fe91
- SHA256
  
  c5fe31af804001871e25638c51987d8d75ecead9735d57bff3118fbdd1aa1c34
- SHA512
  
  e9043eae3fa356bb6400acef293a5572c75cd3a5cac90e2037ea5aade1ffa5556de4d9e5c8a995d5592464a7a3af787ed5388d87d66f43eadba3360f7a7a5566
- SSDEEP
  
  12288:ukmAqNhBrYvg6QiEDCyxDdy0zBRXjIjbvZIa9z:uN5Bv6QiEjJy0lReII
Score

6^/10

bootkit persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence