d76f09dc33085d6890662fd2544eacaf3963ab1176f562b4978a96839f3630a3 | Triage

Sharing

General

Target

fa59cb972e56bec6b6962e6a659d54dd_JaffaCakes118
Size

352KB
Sample

240419-p9vslaeb3w
MD5

fa59cb972e56bec6b6962e6a659d54dd
SHA1

d02298302eaee80cb3fc7f1cf3b9df5efb797eae
SHA256

d76f09dc33085d6890662fd2544eacaf3963ab1176f562b4978a96839f3630a3
SHA512

2d295dce41aeaded38c085950f8bd391390b761e45087f91722ca21408a742e318c351d168e3e04c254defb666035030f323cffa7e39134647f19002d29f3c37
SSDEEP

6144:gL6ddCqSNOk0ZU+tEjuYe8qeLP5wvP6bQ7yMP+DE827oewvP6bQ7yMP+DE827EUc:/Cqk0y+2juN8PK6b7MP+Dd2E6b7MP+Dr

Score

8^/10

bootkit persistence

Malware Config

Targets

- Target
  
  fa59cb972e56bec6b6962e6a659d54dd_JaffaCakes118
- Size
  
  352KB
- MD5
  
  fa59cb972e56bec6b6962e6a659d54dd
- SHA1
  
  d02298302eaee80cb3fc7f1cf3b9df5efb797eae
- SHA256
  
  d76f09dc33085d6890662fd2544eacaf3963ab1176f562b4978a96839f3630a3
- SHA512
  
  2d295dce41aeaded38c085950f8bd391390b761e45087f91722ca21408a742e318c351d168e3e04c254defb666035030f323cffa7e39134647f19002d29f3c37
- SSDEEP
  
  6144:gL6ddCqSNOk0ZU+tEjuYe8qeLP5wvP6bQ7yMP+DE827oewvP6bQ7yMP+DE827EUc:/Cqk0y+2juN8PK6b7MP+Dd2E6b7MP+Dr
Score

8^/10

bootkit persistence
- Drops file in Drivers directory
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

bootkitpersistence

behavioral2