9e083ad2f9408d210eeba273b16457361fa7535204d57d264ed1f7e7924172f0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a84591de22cc6778b60dedaf9e8a367_JaffaCakes118
Size

2.3MB
Sample

240509-scxgpsff8v
MD5

2a84591de22cc6778b60dedaf9e8a367
SHA1

f656a8d2c0bf8b5691ade8a3c8d8b8ff638ffa79
SHA256

9e083ad2f9408d210eeba273b16457361fa7535204d57d264ed1f7e7924172f0
SHA512

86a9efb1321fa46ef89be76ea20e12713461f335b6aa1f5c5355e08f64ee31a6f8aedb834c85c995e57ed67c3c22de07e1d93be0cd6488df8960b415ba4a9b20
SSDEEP

49152:ATEFVxVbtrlYI9xq0oL4nnWKEtStHbPC6SAExuYJ8NGBKCUTjxLdTp4RCFZ:nVbtrKI9xFo0nPEWC3VxuYWGMFi4

Score

6^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  2a84591de22cc6778b60dedaf9e8a367_JaffaCakes118
- Size
  
  2.3MB
- MD5
  
  2a84591de22cc6778b60dedaf9e8a367
- SHA1
  
  f656a8d2c0bf8b5691ade8a3c8d8b8ff638ffa79
- SHA256
  
  9e083ad2f9408d210eeba273b16457361fa7535204d57d264ed1f7e7924172f0
- SHA512
  
  86a9efb1321fa46ef89be76ea20e12713461f335b6aa1f5c5355e08f64ee31a6f8aedb834c85c995e57ed67c3c22de07e1d93be0cd6488df8960b415ba4a9b20
- SSDEEP
  
  49152:ATEFVxVbtrlYI9xq0oL4nnWKEtStHbPC6SAExuYJ8NGBKCUTjxLdTp4RCFZ:nVbtrKI9xFo0nPEWC3VxuYWGMFi4
Score

6^/10

bootkit discovery persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2

bootkitdiscoverypersistence