b9e03e5173c2e0adabad68ebadc72dafbdfe7d8e637db7f4993652b80c26f788 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ddcf56542ba3d0872c544392dad1d00_JaffaCakes118
Size

250KB
Sample

240708-1bgzmazckp
MD5

2ddcf56542ba3d0872c544392dad1d00
SHA1

821aa00b7cc1448bca1ccb9d705273afaf9e8cf7
SHA256

b9e03e5173c2e0adabad68ebadc72dafbdfe7d8e637db7f4993652b80c26f788
SHA512

9dbb7cd8eb92e1111259da6daf77019f0877171a78f11c1e79a31f502886bed6adb03b5101b457656eae4c2f5413581553198443cc4407cb27a98bbc42e96ac4
SSDEEP

6144:j7y+Qfb56BBMl5yyw5CpA/7sJ5pwvP6bQ7yMP+DE827KJz:/yf6aw5krJ5i6b7MP+Dd2W

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  2ddcf56542ba3d0872c544392dad1d00_JaffaCakes118
- Size
  
  250KB
- MD5
  
  2ddcf56542ba3d0872c544392dad1d00
- SHA1
  
  821aa00b7cc1448bca1ccb9d705273afaf9e8cf7
- SHA256
  
  b9e03e5173c2e0adabad68ebadc72dafbdfe7d8e637db7f4993652b80c26f788
- SHA512
  
  9dbb7cd8eb92e1111259da6daf77019f0877171a78f11c1e79a31f502886bed6adb03b5101b457656eae4c2f5413581553198443cc4407cb27a98bbc42e96ac4
- SSDEEP
  
  6144:j7y+Qfb56BBMl5yyw5CpA/7sJ5pwvP6bQ7yMP+DE827KJz:/yf6aw5krJ5i6b7MP+Dd2W
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Pre-OS Boot

Bootkit

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2