374d4bdf360846931faf12558d93d87946e577f388df30bba488fe7cd9b4f389 | Triage

Sharing

General

Target

35de5a3bd8a9157d86057a6ff7eb09a0_JaffaCakes118
Size

588KB
Sample

240710-w2whgssgqp
MD5

35de5a3bd8a9157d86057a6ff7eb09a0
SHA1

eaed5cf8bb95715863c839e7f0f8a0e5de9141a4
SHA256

374d4bdf360846931faf12558d93d87946e577f388df30bba488fe7cd9b4f389
SHA512

fae147b5512f1ef87b5d984bb3fafa21b0d63b225dc52d9f31ee532553b0fc3965256f48a30e498e2b6494174437dcdd7dfaa1084eecc2113178bf433dab1d6f
SSDEEP

12288:VSdGxWJ9Y0dPMTyk9I/1u0OCGYfIhifnx1TrjIG5laj:VSL3Y009Ik0OCLKifTTrWj

Score

7^/10

bootkit persistence

Malware Config

Targets

- Target
  
  35de5a3bd8a9157d86057a6ff7eb09a0_JaffaCakes118
- Size
  
  588KB
- MD5
  
  35de5a3bd8a9157d86057a6ff7eb09a0
- SHA1
  
  eaed5cf8bb95715863c839e7f0f8a0e5de9141a4
- SHA256
  
  374d4bdf360846931faf12558d93d87946e577f388df30bba488fe7cd9b4f389
- SHA512
  
  fae147b5512f1ef87b5d984bb3fafa21b0d63b225dc52d9f31ee532553b0fc3965256f48a30e498e2b6494174437dcdd7dfaa1084eecc2113178bf433dab1d6f
- SSDEEP
  
  12288:VSdGxWJ9Y0dPMTyk9I/1u0OCGYfIhifnx1TrjIG5laj:VSL3Y009Ik0OCLKifTTrWj
Score

7^/10

bootkit persistence
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence