82b17a7aed76e271cc5d26627eb84a998657903bac5f6ba1c109e11df9bf7aa1 | Triage

Sharing

General

Target

74e2fe5deb763c58d212a7efd3f3001c_JaffaCakes118
Size

437KB
Sample

240526-kdvqhacd6z
MD5

74e2fe5deb763c58d212a7efd3f3001c
SHA1

d1fb691247be072f169ea142f49dded06c6e4520
SHA256

82b17a7aed76e271cc5d26627eb84a998657903bac5f6ba1c109e11df9bf7aa1
SHA512

06dd6ad9633477b3906d1190c273592b17e19e105bce72e3b9472a7bfc05e31bf2eaa77e8d3206d707251bc1ee068b03ad754dbff160448e0839e412d1b3ed61
SSDEEP

6144:RSrUuHX7jBQj61e0Jz6H119A1/DXg/SwvZRQKwARuS:RmpL1Qj61e0ASDXg/SwZRhRuS

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  74e2fe5deb763c58d212a7efd3f3001c_JaffaCakes118
- Size
  
  437KB
- MD5
  
  74e2fe5deb763c58d212a7efd3f3001c
- SHA1
  
  d1fb691247be072f169ea142f49dded06c6e4520
- SHA256
  
  82b17a7aed76e271cc5d26627eb84a998657903bac5f6ba1c109e11df9bf7aa1
- SHA512
  
  06dd6ad9633477b3906d1190c273592b17e19e105bce72e3b9472a7bfc05e31bf2eaa77e8d3206d707251bc1ee068b03ad754dbff160448e0839e412d1b3ed61
- SSDEEP
  
  6144:RSrUuHX7jBQj61e0Jz6H119A1/DXg/SwvZRQKwARuS:RmpL1Qj61e0ASDXg/SwZRhRuS
Score

6^/10

bootkit persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence