afb5534dba43f2a7c8102faa9014c93ebb4ae31e6e5ffa28e6a528656813006e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1b71ea8c84c97cdf43f1e9b9fe033467_JaffaCakes118
Size

484KB
Sample

240701-qjtchsxbnq
MD5

1b71ea8c84c97cdf43f1e9b9fe033467
SHA1

de37b83b41d05a8ea6460b1a7a9751cfd9aecb44
SHA256

afb5534dba43f2a7c8102faa9014c93ebb4ae31e6e5ffa28e6a528656813006e
SHA512

bbb22883d9a191115aa804e01f073468ac286d12ad59aafd811f447f637372b0564e98c2c5e1c636917a4347e2fa06fd09ef4ec863510f5b56a37bd0a53ba75c
SSDEEP

12288:RSJOZpq/K5w60ECocqmvyTVB4sSvEzfg02cSc6K:RSsZKM7Cnr6TsBczlmc6K

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  1b71ea8c84c97cdf43f1e9b9fe033467_JaffaCakes118
- Size
  
  484KB
- MD5
  
  1b71ea8c84c97cdf43f1e9b9fe033467
- SHA1
  
  de37b83b41d05a8ea6460b1a7a9751cfd9aecb44
- SHA256
  
  afb5534dba43f2a7c8102faa9014c93ebb4ae31e6e5ffa28e6a528656813006e
- SHA512
  
  bbb22883d9a191115aa804e01f073468ac286d12ad59aafd811f447f637372b0564e98c2c5e1c636917a4347e2fa06fd09ef4ec863510f5b56a37bd0a53ba75c
- SSDEEP
  
  12288:RSJOZpq/K5w60ECocqmvyTVB4sSvEzfg02cSc6K:RSsZKM7Cnr6TsBczlmc6K
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence