051fa580ba28f26d3da2e99422eed69e0fdfad176ed8c74fce36c3c7f6e6570e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

19464c9e196474543dee6c1077927e26_JaffaCakes118
Size

146KB
Sample

240628-h822yszgml
MD5

19464c9e196474543dee6c1077927e26
SHA1

0316ab64eb76a7b12b19dc3034ecb72172a9626d
SHA256

051fa580ba28f26d3da2e99422eed69e0fdfad176ed8c74fce36c3c7f6e6570e
SHA512

31fcfc66a10cc07d4abbb8167fa3bcecaeae268b2dc4346b3e09f61e9838ddfe9e785ca951222805ad26f371c7f7fdf16021629b997aa8c456904b34c9f3b6cc
SSDEEP

3072:GvybQ2JB15BZlYGsqg+P0//6bGT43jJ7E90o:owQU15B3YtqHcqn3ZE9

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  19464c9e196474543dee6c1077927e26_JaffaCakes118
- Size
  
  146KB
- MD5
  
  19464c9e196474543dee6c1077927e26
- SHA1
  
  0316ab64eb76a7b12b19dc3034ecb72172a9626d
- SHA256
  
  051fa580ba28f26d3da2e99422eed69e0fdfad176ed8c74fce36c3c7f6e6570e
- SHA512
  
  31fcfc66a10cc07d4abbb8167fa3bcecaeae268b2dc4346b3e09f61e9838ddfe9e785ca951222805ad26f371c7f7fdf16021629b997aa8c456904b34c9f3b6cc
- SSDEEP
  
  3072:GvybQ2JB15BZlYGsqg+P0//6bGT43jJ7E90o:owQU15B3YtqHcqn3ZE9
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2