71169d83b35aeb58bf77c72e40f9515073720b76502a01cd9d7105efc976a0b6 | Triage

Sharing

General

Target

4cafb4bc429546c2635a5786beb8c582_JaffaCakes118
Size

438KB
Sample

240716-eb4bzawfmc
MD5

4cafb4bc429546c2635a5786beb8c582
SHA1

2656d2a21592e7ccf5530d89f6f18038ad5976e6
SHA256

71169d83b35aeb58bf77c72e40f9515073720b76502a01cd9d7105efc976a0b6
SHA512

4fa45887d7e17494d6d80856399c0cb80ed1d10159a107998788151edceadf7f4c2ccec8ebc98520428badb2153707fbbfec40eb96c06289823ed2bc9aa4c673
SSDEEP

12288:rL/s37tD34R9gYTcsbHsyB76NtTird7HAE:rL/s3754R35B6TEd7A

Score

7^/10

bootkit persistence

Malware Config

Targets

- Target
  
  4cafb4bc429546c2635a5786beb8c582_JaffaCakes118
- Size
  
  438KB
- MD5
  
  4cafb4bc429546c2635a5786beb8c582
- SHA1
  
  2656d2a21592e7ccf5530d89f6f18038ad5976e6
- SHA256
  
  71169d83b35aeb58bf77c72e40f9515073720b76502a01cd9d7105efc976a0b6
- SHA512
  
  4fa45887d7e17494d6d80856399c0cb80ed1d10159a107998788151edceadf7f4c2ccec8ebc98520428badb2153707fbbfec40eb96c06289823ed2bc9aa4c673
- SSDEEP
  
  12288:rL/s37tD34R9gYTcsbHsyB76NtTird7HAE:rL/s3754R35B6TEd7A
Score

7^/10

bootkit persistence
- Deletes itself
- Executes dropped EXE
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2