3997c5f9a30921d4e4757b22308934c1c6d611beca29683d1335f27654fa34be | Triage

Sharing

General

Target

7614e5909447d589c5eee83f36e89587_JaffaCakes118
Size

427KB
Sample

240526-txbleadd37
MD5

7614e5909447d589c5eee83f36e89587
SHA1

48292a9c74c85fb4d2fcc68a443672a29243d08f
SHA256

3997c5f9a30921d4e4757b22308934c1c6d611beca29683d1335f27654fa34be
SHA512

fd38ce2c4cf8c13aee8505a90268994344f1a805fed4206f29c4d1730259f62bd8a80050c70806ac6ec9676f4f673964f95c8c7e7ca2f7e0bbc64ca4f7beb2ee
SSDEEP

12288:HF0pNpZ7sC+35XyXaIlLY9E0UAjlnqUEV:ypbJEJXyXVGEfAjljEV

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  7614e5909447d589c5eee83f36e89587_JaffaCakes118
- Size
  
  427KB
- MD5
  
  7614e5909447d589c5eee83f36e89587
- SHA1
  
  48292a9c74c85fb4d2fcc68a443672a29243d08f
- SHA256
  
  3997c5f9a30921d4e4757b22308934c1c6d611beca29683d1335f27654fa34be
- SHA512
  
  fd38ce2c4cf8c13aee8505a90268994344f1a805fed4206f29c4d1730259f62bd8a80050c70806ac6ec9676f4f673964f95c8c7e7ca2f7e0bbc64ca4f7beb2ee
- SSDEEP
  
  12288:HF0pNpZ7sC+35XyXaIlLY9E0UAjlnqUEV:ypbJEJXyXVGEfAjljEV
Score

6^/10

bootkit persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence