0c919b0e60ea3f7de976d2c5e33676a5b81bac5c175f063359109085c459379d | Triage

Sharing

General

Target

f955c88cfd34d9bad171c3c2f53e6553_JaffaCakes118
Size

726KB
Sample

240419-c9wzfaff6z
MD5

f955c88cfd34d9bad171c3c2f53e6553
SHA1

00193b3937f7bc968ab42ca124124e5dd93e39df
SHA256

0c919b0e60ea3f7de976d2c5e33676a5b81bac5c175f063359109085c459379d
SHA512

11b148c342b35f62cb26b43fbf7f1ccf4c53ea9c3d91e9e63d6636e10801dc8c078fe38d762c9c6926104fd0cfbacfb92cf627666e7364d06b9b26e7fc9aa86f
SSDEEP

12288:bwECaUglPnFsk7P0UahDyDT1qBRXjIjpsAW88WOF77J3:bwEC70qkgUahDuERJ8JOL3

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  f955c88cfd34d9bad171c3c2f53e6553_JaffaCakes118
- Size
  
  726KB
- MD5
  
  f955c88cfd34d9bad171c3c2f53e6553
- SHA1
  
  00193b3937f7bc968ab42ca124124e5dd93e39df
- SHA256
  
  0c919b0e60ea3f7de976d2c5e33676a5b81bac5c175f063359109085c459379d
- SHA512
  
  11b148c342b35f62cb26b43fbf7f1ccf4c53ea9c3d91e9e63d6636e10801dc8c078fe38d762c9c6926104fd0cfbacfb92cf627666e7364d06b9b26e7fc9aa86f
- SSDEEP
  
  12288:bwECaUglPnFsk7P0UahDyDT1qBRXjIjpsAW88WOF77J3:bwEC70qkgUahDuERJ8JOL3
Score

6^/10

bootkit persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence