665c4531f709305f302a5c5c7d81714ac7ed013e5471fe5b0e01abf7275412e9 | Triage

Sharing

General

Target

3610acd07ce31596e2ec9b0f1ac173ea_JaffaCakes118
Size

466KB
Sample

240710-x5c1zswbjm
MD5

3610acd07ce31596e2ec9b0f1ac173ea
SHA1

7016d5b24cc0e8f2a9b3fd8bd33f067e37fb2434
SHA256

665c4531f709305f302a5c5c7d81714ac7ed013e5471fe5b0e01abf7275412e9
SHA512

d61c7ad624f854338bbf33474505cc741363f9d9133850fac6b9acac3caf27d50a4c1ec064c9fdc3d64471cdc20da2612e4e0c2a8c890737108c8693a16d9897
SSDEEP

6144:/vJzbbugYZX7TO19vnEV/j0VyCHHieRA2QOCnzbwKJnToQUQiqL2:/vJzvleXG3vsz9WQOCn3dJnH6

Score

7^/10

bootkit persistence upx

Malware Config

Targets

- Target
  
  3610acd07ce31596e2ec9b0f1ac173ea_JaffaCakes118
- Size
  
  466KB
- MD5
  
  3610acd07ce31596e2ec9b0f1ac173ea
- SHA1
  
  7016d5b24cc0e8f2a9b3fd8bd33f067e37fb2434
- SHA256
  
  665c4531f709305f302a5c5c7d81714ac7ed013e5471fe5b0e01abf7275412e9
- SHA512
  
  d61c7ad624f854338bbf33474505cc741363f9d9133850fac6b9acac3caf27d50a4c1ec064c9fdc3d64471cdc20da2612e4e0c2a8c890737108c8693a16d9897
- SSDEEP
  
  6144:/vJzbbugYZX7TO19vnEV/j0VyCHHieRA2QOCnzbwKJnToQUQiqL2:/vJzvleXG3vsz9WQOCn3dJnH6
Score

7^/10

bootkit persistence upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistenceupx

behavioral2

bootkitpersistenceupx