a7437092edd96b1897b01ffd7dd594de3d4f81795b3012f0044b35ecad8ca3bc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

887b3f982f8fb6d0d12a38c8db4f48f2_JaffaCakes118
Size

15.0MB
Sample

240531-1r7vzsff57
MD5

887b3f982f8fb6d0d12a38c8db4f48f2
SHA1

c84da8a2cc4871383e8d7428cedd090ec6ff639e
SHA256

a7437092edd96b1897b01ffd7dd594de3d4f81795b3012f0044b35ecad8ca3bc
SHA512

3040ce4b32ed51f758ddbcb1d9932e572e7a4421416d418b248a4dc1005f7fd020f67f97015181208ebc75918d5ed647e268f34ec415adb22021a8aef7bae614
SSDEEP

393216:TPDSUSKV2mebRWU8CTwjkHwEHlRCtZoMAMR7t0215WD10SzXMo:hSosR1gkHwW+tIQD540SzXMo

Score

7^/10

bootkit persistence

Malware Config

Targets

- Target
  
  887b3f982f8fb6d0d12a38c8db4f48f2_JaffaCakes118
- Size
  
  15.0MB
- MD5
  
  887b3f982f8fb6d0d12a38c8db4f48f2
- SHA1
  
  c84da8a2cc4871383e8d7428cedd090ec6ff639e
- SHA256
  
  a7437092edd96b1897b01ffd7dd594de3d4f81795b3012f0044b35ecad8ca3bc
- SHA512
  
  3040ce4b32ed51f758ddbcb1d9932e572e7a4421416d418b248a4dc1005f7fd020f67f97015181208ebc75918d5ed647e268f34ec415adb22021a8aef7bae614
- SSDEEP
  
  393216:TPDSUSKV2mebRWU8CTwjkHwEHlRCtZoMAMR7t0215WD10SzXMo:hSosR1gkHwW+tIQD540SzXMo
Score

7^/10

bootkit persistence
- Executes dropped EXE
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence