8501007c58c4f5daa9698f4c25d1c34d043ef4760a23213b834f6bb81783f804 | Triage

Sharing

General

Target

3a7186ea452187cf2fcc366a45b529d7_JaffaCakes118
Size

682KB
Sample

240711-x54hyatapf
MD5

3a7186ea452187cf2fcc366a45b529d7
SHA1

ac29c19a779b313b6542635c51d5ff4f7086c8e9
SHA256

8501007c58c4f5daa9698f4c25d1c34d043ef4760a23213b834f6bb81783f804
SHA512

0c7fda48ebc4026cea3abd2fe0fad6c1fd3be2a77422186b8e90981d02446269970ccf0682efb4c2b2c37d6bd8776987001ab4a2973b7332e456dfb9217042fd
SSDEEP

12288:WRX4WxKagw/gOASVwRnHClFnRW3VUX+TuWjp/ERfkr80UqiOG66b7MP+Dd2iqxO:WRNDjIOASeHgxMlUX+Tu2ER8g3qrGb7x

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  3a7186ea452187cf2fcc366a45b529d7_JaffaCakes118
- Size
  
  682KB
- MD5
  
  3a7186ea452187cf2fcc366a45b529d7
- SHA1
  
  ac29c19a779b313b6542635c51d5ff4f7086c8e9
- SHA256
  
  8501007c58c4f5daa9698f4c25d1c34d043ef4760a23213b834f6bb81783f804
- SHA512
  
  0c7fda48ebc4026cea3abd2fe0fad6c1fd3be2a77422186b8e90981d02446269970ccf0682efb4c2b2c37d6bd8776987001ab4a2973b7332e456dfb9217042fd
- SSDEEP
  
  12288:WRX4WxKagw/gOASVwRnHClFnRW3VUX+TuWjp/ERfkr80UqiOG66b7MP+Dd2iqxO:WRNDjIOASeHgxMlUX+Tu2ER8g3qrGb7x
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Pre-OS Boot

Bootkit

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2