50ff149aa8c9813786a53b5b4ea94987857725fe7c9a1c9210794b5482dc54fa | Triage

Sharing

General

Target

f9ff571bd8066d37280d0b612e5a6039_JaffaCakes118
Size

348KB
Sample

240419-lcqktsdf59
MD5

f9ff571bd8066d37280d0b612e5a6039
SHA1

f31f3ab81bcb688dcc97624f2f59fa6d097c3ea0
SHA256

50ff149aa8c9813786a53b5b4ea94987857725fe7c9a1c9210794b5482dc54fa
SHA512

6d2326ae162709d7381e24b0e8738ef51c18c3f3b77ebd8489308e77d9f37d7e557ad85fb5e01a59eeac0d03eade750e9c66850788eaca02007815e5a0dd059a
SSDEEP

6144:zv+xdnkSw4IKIxGWAq2JwvP6bQ7yMP+DE827VVfi7wvP6bQ7yMP+DE827PD:zutIx4k6b7MP+Dd25J6b7MP+Dd23

Score

8^/10

bootkit persistence

Malware Config

Targets

- Target
  
  f9ff571bd8066d37280d0b612e5a6039_JaffaCakes118
- Size
  
  348KB
- MD5
  
  f9ff571bd8066d37280d0b612e5a6039
- SHA1
  
  f31f3ab81bcb688dcc97624f2f59fa6d097c3ea0
- SHA256
  
  50ff149aa8c9813786a53b5b4ea94987857725fe7c9a1c9210794b5482dc54fa
- SHA512
  
  6d2326ae162709d7381e24b0e8738ef51c18c3f3b77ebd8489308e77d9f37d7e557ad85fb5e01a59eeac0d03eade750e9c66850788eaca02007815e5a0dd059a
- SSDEEP
  
  6144:zv+xdnkSw4IKIxGWAq2JwvP6bQ7yMP+DE827VVfi7wvP6bQ7yMP+DE827PD:zutIx4k6b7MP+Dd25J6b7MP+Dd23
Score

8^/10

bootkit persistence
- Drops file in Drivers directory
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

bootkitpersistence

behavioral2