5db5d0b824cf611b8e39a6de87f210ce03e043a86034b5303545b227c890b934 | Triage

Sharing

General

Target

75ef103e084f507a0011a8052184d3e8_JaffaCakes118
Size

723KB
Sample

240526-sxn13aca66
MD5

75ef103e084f507a0011a8052184d3e8
SHA1

db7f657c0cf4d20e4f5dd2030410db067543ed96
SHA256

5db5d0b824cf611b8e39a6de87f210ce03e043a86034b5303545b227c890b934
SHA512

96513601159706bc77596c0099a247a438a49ae6e9f98c3440452228241b4f087e7e29dffe4a415c6977db50b557c089e002030ff9cf98488cb5467fcf7b6b75
SSDEEP

12288:Ht9v5UZIvX41qVb0xxOSDjld13BRXjIjbpBN0fL7JJZhgUr:Ht9O4wm0xxOOrxRmBN0BJHfr

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  75ef103e084f507a0011a8052184d3e8_JaffaCakes118
- Size
  
  723KB
- MD5
  
  75ef103e084f507a0011a8052184d3e8
- SHA1
  
  db7f657c0cf4d20e4f5dd2030410db067543ed96
- SHA256
  
  5db5d0b824cf611b8e39a6de87f210ce03e043a86034b5303545b227c890b934
- SHA512
  
  96513601159706bc77596c0099a247a438a49ae6e9f98c3440452228241b4f087e7e29dffe4a415c6977db50b557c089e002030ff9cf98488cb5467fcf7b6b75
- SSDEEP
  
  12288:Ht9v5UZIvX41qVb0xxOSDjld13BRXjIjbpBN0fL7JJZhgUr:Ht9O4wm0xxOOrxRmBN0BJHfr
Score

6^/10

bootkit persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence