74c97dadaa81963c8123717edebeb99fc801cc64fa3e7eb7b0205087795f0bb5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3616c695d5c04c8970b782e72243e0e9_JaffaCakes118
Size

510KB
Sample

240511-xrk5faff56
MD5

3616c695d5c04c8970b782e72243e0e9
SHA1

033dd9c9b5ec9b985fb78d7f0ca6cf075aaca7c9
SHA256

74c97dadaa81963c8123717edebeb99fc801cc64fa3e7eb7b0205087795f0bb5
SHA512

b3a62cbc53098cfb903e599708bb4b4a71433fdd612cc285a5c65fe9f0a569c0bad5f1b6b71dfd709a1b86cb9af2e8caaeb5eeb9ee181cc75eba801b1aae2f65
SSDEEP

6144:0ZBuNpUyd0ijcUtdWuOJT2H3FTpYAGPBf24FFfAE20iOzhGwkYky80JrZ0UfQV:0ZSayd0ipruR8qjP1FFFOOzhEYk2D4V

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  3616c695d5c04c8970b782e72243e0e9_JaffaCakes118
- Size
  
  510KB
- MD5
  
  3616c695d5c04c8970b782e72243e0e9
- SHA1
  
  033dd9c9b5ec9b985fb78d7f0ca6cf075aaca7c9
- SHA256
  
  74c97dadaa81963c8123717edebeb99fc801cc64fa3e7eb7b0205087795f0bb5
- SHA512
  
  b3a62cbc53098cfb903e599708bb4b4a71433fdd612cc285a5c65fe9f0a569c0bad5f1b6b71dfd709a1b86cb9af2e8caaeb5eeb9ee181cc75eba801b1aae2f65
- SSDEEP
  
  6144:0ZBuNpUyd0ijcUtdWuOJT2H3FTpYAGPBf24FFfAE20iOzhGwkYky80JrZ0UfQV:0ZSayd0ipruR8qjP1FFFOOzhEYk2D4V
Score

6^/10

bootkit persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence