a68aae874771308e94afbff7513f937551dd408a40e893532d17ed128f5115c8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4c3bfa5b548f425c2f255043191e4840_JaffaCakes118
Size

211KB
Sample

240716-bsat7s1enf
MD5

4c3bfa5b548f425c2f255043191e4840
SHA1

0982b81652c5989af8a00b6d98e51fa3b23f9de8
SHA256

a68aae874771308e94afbff7513f937551dd408a40e893532d17ed128f5115c8
SHA512

12db424e3a0ac5eff7675034bc95e1282155729b139b31a686e1dd51be9727823c67ba836ffc71e28e36e246ada388ecc18928b617187f379a2c799342243424
SSDEEP

6144:O0iSAUYrlX7BBcDqowKv4ngY64VJr+H9Wds:O0iRUwrBBQCKwgYzVJfy

Score

6^/10

bootkit persistence

Malware Config

Targets

- Target
  
  4c3bfa5b548f425c2f255043191e4840_JaffaCakes118
- Size
  
  211KB
- MD5
  
  4c3bfa5b548f425c2f255043191e4840
- SHA1
  
  0982b81652c5989af8a00b6d98e51fa3b23f9de8
- SHA256
  
  a68aae874771308e94afbff7513f937551dd408a40e893532d17ed128f5115c8
- SHA512
  
  12db424e3a0ac5eff7675034bc95e1282155729b139b31a686e1dd51be9727823c67ba836ffc71e28e36e246ada388ecc18928b617187f379a2c799342243424
- SSDEEP
  
  6144:O0iSAUYrlX7BBcDqowKv4ngY64VJr+H9Wds:O0iRUwrBBQCKwgYzVJfy
Score

6^/10

bootkit persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitpersistence