4dd9aa4069595f9dab8697a4a300b2604b40706a23d47c8cb4e007b7c0310bbf | Triage

Sharing

General

Target

2937c782bbd59ecbb68f639705f1dc72_JaffaCakes118
Size

96KB
Sample

240706-xb3pjssbpe
MD5

2937c782bbd59ecbb68f639705f1dc72
SHA1

5149e46eb3e9881a6c1b2249f4c52e7d8ee60eab
SHA256

4dd9aa4069595f9dab8697a4a300b2604b40706a23d47c8cb4e007b7c0310bbf
SHA512

200ddc48a90f01b3a4d3e9a8a49dcfa1db60ae3bfde1451f6b06ad8b324872b17bb6bf99010069f052f46f1fa05b5cf3965f8e7ffa612f742e9f9ac8ee82ab3d
SSDEEP

1536:K5A0VOIKPsk+zZpTYqepXPon9CrLBfmsZ/tj4mItHFmSmkToBws7DvOBzsKXt7JF:D0VOpEkoUBpCCrLB5/tjotsaoBwsPKxJ

Score

6^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  2937c782bbd59ecbb68f639705f1dc72_JaffaCakes118
- Size
  
  96KB
- MD5
  
  2937c782bbd59ecbb68f639705f1dc72
- SHA1
  
  5149e46eb3e9881a6c1b2249f4c52e7d8ee60eab
- SHA256
  
  4dd9aa4069595f9dab8697a4a300b2604b40706a23d47c8cb4e007b7c0310bbf
- SHA512
  
  200ddc48a90f01b3a4d3e9a8a49dcfa1db60ae3bfde1451f6b06ad8b324872b17bb6bf99010069f052f46f1fa05b5cf3965f8e7ffa612f742e9f9ac8ee82ab3d
- SSDEEP
  
  1536:K5A0VOIKPsk+zZpTYqepXPon9CrLBfmsZ/tj4mItHFmSmkToBws7DvOBzsKXt7JF:D0VOpEkoUBpCCrLB5/tjotsaoBwsPKxJ
Score

6^/10

bootkit discovery persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2