43a429f299010901a38d826f1259f3d671a3d22b86269f2db797aadb2268871a | Triage

Sharing

General

Target

2aff309cabf3a3719f176c3eabda5a97_JaffaCakes118
Size

226KB
Sample

240708-e7mzvsseqk
MD5

2aff309cabf3a3719f176c3eabda5a97
SHA1

cb0b130ee18f575a8911f43a9dd81bf6cf28024a
SHA256

43a429f299010901a38d826f1259f3d671a3d22b86269f2db797aadb2268871a
SHA512

56925a4f2ec0d4bfe442837612a10dd112a60d03d7918992abd0ecc8380415021e01788fe8f4f2177e09d483cd94ac7f826d9da177566dd185276f620dcea137
SSDEEP

6144:/Uwep/Pi1Thqvyy4s2BR9W2FtjXwcCOJvq:MxNi1TKyy4s282Ftjgc1vq

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  2aff309cabf3a3719f176c3eabda5a97_JaffaCakes118
- Size
  
  226KB
- MD5
  
  2aff309cabf3a3719f176c3eabda5a97
- SHA1
  
  cb0b130ee18f575a8911f43a9dd81bf6cf28024a
- SHA256
  
  43a429f299010901a38d826f1259f3d671a3d22b86269f2db797aadb2268871a
- SHA512
  
  56925a4f2ec0d4bfe442837612a10dd112a60d03d7918992abd0ecc8380415021e01788fe8f4f2177e09d483cd94ac7f826d9da177566dd185276f620dcea137
- SSDEEP
  
  6144:/Uwep/Pi1Thqvyy4s2BR9W2FtjXwcCOJvq:MxNi1TKyy4s282Ftjgc1vq
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence