a3def3f8e481c7039e107e72c2b8b1420fccfe25f06611bfaf83cee2fbf95fae | Triage

Sharing

General

Target

02cd4508debe035aeffcf97dd6c7316b_JaffaCakes118
Size

590KB
Sample

240620-e3egxsyemg
MD5

02cd4508debe035aeffcf97dd6c7316b
SHA1

383ddb84b57e09c1607a9245ac3752f05ffe0b9e
SHA256

a3def3f8e481c7039e107e72c2b8b1420fccfe25f06611bfaf83cee2fbf95fae
SHA512

1f22e176f8d155d46eaf00ea98688089616ff44958060b84494d8fc0028e35c391e938e0b8429f1936fdcf860b3a4db86c9b95cda63d3e4d3a756bce6884d5c1
SSDEEP

12288:9BOA3WVN2ooPLMgulL7xNLzTe8jSDZzXEdDuiLYI1I8dI:9BaVN2ooPLMgOL7xJvjAsDuQT1O

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  PMC.SubtitleConverter_3.9.1225_gb/PMC_SubtitleConverter.exe
- Size
  
  588KB
- MD5
  
  230da7562e9b75f5dcb679dc1c4976f7
- SHA1
  
  350eaa42bf79d93c8fe8553569593553dea8683c
- SHA256
  
  af294be52b672e12d806a397e112ec8bf0b83a927ebf75f05b752e565440dbfd
- SHA512
  
  c6dfd642c8a42bf260d4d4af23c1f2496ef864b33e1c7633e3024ff5f6f4ab904b88312fc0530cf9786a7e218ef5403b3f3dae11e28121976f6171a9095a7e4d
- SSDEEP
  
  12288:6AKyKN5pHMUqQsQFeB+AhwzZcrzr3BcHcbNFEV47tqXro5ZYeQUlI:6AK57GUqLQFekAhwzZOzr3BAcbN2Vokk
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence