dc9bf2333329ab7355d4735fa2e3e6ddb1bb07929e2c977cfafd3be3aded9c94 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5a0ca1e2771130410a11c3ffc0e86c0a_JaffaCakes118
Size

76KB
Sample

240719-cl5axa1cqg
MD5

5a0ca1e2771130410a11c3ffc0e86c0a
SHA1

e609fc6698ade8217e305675d7c200e4f33a2043
SHA256

dc9bf2333329ab7355d4735fa2e3e6ddb1bb07929e2c977cfafd3be3aded9c94
SHA512

137eb67caec78cb7c8c26ff6bcb95329425034e13d054b95d5d7103d996cf032f6a4b0b5e5db3bea3aafb40474ea724321c9e1204d17bdaa954df94a8ee79a8b
SSDEEP

768:q0dWDoPQ70q6VETjtDQcUd6EsJ4Szvu4Isw+OklOBz4pz4EKyTpLZd3BTiVQotJv:jI8YgVijHUUVDvuOuGR4EJ/dFEQo7WU

Score

6^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  5a0ca1e2771130410a11c3ffc0e86c0a_JaffaCakes118
- Size
  
  76KB
- MD5
  
  5a0ca1e2771130410a11c3ffc0e86c0a
- SHA1
  
  e609fc6698ade8217e305675d7c200e4f33a2043
- SHA256
  
  dc9bf2333329ab7355d4735fa2e3e6ddb1bb07929e2c977cfafd3be3aded9c94
- SHA512
  
  137eb67caec78cb7c8c26ff6bcb95329425034e13d054b95d5d7103d996cf032f6a4b0b5e5db3bea3aafb40474ea724321c9e1204d17bdaa954df94a8ee79a8b
- SSDEEP
  
  768:q0dWDoPQ70q6VETjtDQcUd6EsJ4Szvu4Isw+OklOBz4pz4EKyTpLZd3BTiVQotJv:jI8YgVijHUUVDvuOuGR4EJ/dFEQo7WU
Score

6^/10

bootkit discovery persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2