c7e6473c287666b1adb48b0a8b8fc47e073e59d023ee79e287463c1148ecf07f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

161a9751f1b788acd1e03aa79e1e52ea_JaffaCakes118
Size

391KB
Sample

240627-qaxzcavfkp
MD5

161a9751f1b788acd1e03aa79e1e52ea
SHA1

b9067b4e7430653034a4917e0cca275f30cc8dec
SHA256

c7e6473c287666b1adb48b0a8b8fc47e073e59d023ee79e287463c1148ecf07f
SHA512

017df4873f7b478ba5189685e42f73419b83b21b167b4db8f5cc6413d735988ca9d7bc021fafad4880a9dea15d80eae5b9393a03fd00bdc75adc093db0b67ef2
SSDEEP

6144:G3DM5k0X1/P5GwK0ofG64WLdsAhrOD9S088A42G98gWNlPTGQQm6agrd+h:G3DwPJK0WGWSwCw8A4SNtTirdW

Score

7^/10

bootkit persistence

Malware Config

Targets

- Target
  
  161a9751f1b788acd1e03aa79e1e52ea_JaffaCakes118
- Size
  
  391KB
- MD5
  
  161a9751f1b788acd1e03aa79e1e52ea
- SHA1
  
  b9067b4e7430653034a4917e0cca275f30cc8dec
- SHA256
  
  c7e6473c287666b1adb48b0a8b8fc47e073e59d023ee79e287463c1148ecf07f
- SHA512
  
  017df4873f7b478ba5189685e42f73419b83b21b167b4db8f5cc6413d735988ca9d7bc021fafad4880a9dea15d80eae5b9393a03fd00bdc75adc093db0b67ef2
- SSDEEP
  
  6144:G3DM5k0X1/P5GwK0ofG64WLdsAhrOD9S088A42G98gWNlPTGQQm6agrd+h:G3DwPJK0WGWSwCw8A4SNtTirdW
Score

7^/10

bootkit persistence
- Deletes itself
- Executes dropped EXE
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2