90e79122a137f595cb196115894a18ae24252b76a4ea436f186106f75ae59c4b | Triage

Sharing

General

Target

693130f25c9de0214d29493b783af430_JaffaCakes118
Size

356KB
Sample

240723-2ca35svgrd
MD5

693130f25c9de0214d29493b783af430
SHA1

fd94366da752c36ab8e0d8521cfbb08f0f7dc7a1
SHA256

90e79122a137f595cb196115894a18ae24252b76a4ea436f186106f75ae59c4b
SHA512

f86f5725054edf038c33983d36892519152730f638bf360581d2a7c403de0e677c3914b3233b57623cc9af610274e378dee8c2e1342740f065c8f838ab6c52d6
SSDEEP

6144:t3FTYsJEHwvP6bQ7yMP+DE827HP9iPMhLNHebwvP6bQ7yMP+DE827paSiHW:VFT16b7MP+Dd2jnj6b7MP+Dd2NaSqW

Score

8^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  693130f25c9de0214d29493b783af430_JaffaCakes118
- Size
  
  356KB
- MD5
  
  693130f25c9de0214d29493b783af430
- SHA1
  
  fd94366da752c36ab8e0d8521cfbb08f0f7dc7a1
- SHA256
  
  90e79122a137f595cb196115894a18ae24252b76a4ea436f186106f75ae59c4b
- SHA512
  
  f86f5725054edf038c33983d36892519152730f638bf360581d2a7c403de0e677c3914b3233b57623cc9af610274e378dee8c2e1342740f065c8f838ab6c52d6
- SSDEEP
  
  6144:t3FTYsJEHwvP6bQ7yMP+DE827HP9iPMhLNHebwvP6bQ7yMP+DE827paSiHW:VFT16b7MP+Dd2jnj6b7MP+Dd2NaSqW
Score

8^/10

bootkit discovery persistence
- Drops file in Drivers directory
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2