d0ac3950fcd379d65ac0e7e5d7ab32262ddf021cd56cbc609c688695990a9c53 | Triage

Sharing

General

Target

6fcfdd23a36fdc9595362f330c4dea35_JaffaCakes118
Size

1.7MB
Sample

240725-qy6w6a1gjn
MD5

6fcfdd23a36fdc9595362f330c4dea35
SHA1

a8b641b389df4dd1f74b8e913b102d4c2f6c9c12
SHA256

d0ac3950fcd379d65ac0e7e5d7ab32262ddf021cd56cbc609c688695990a9c53
SHA512

89ac6753669785010645f09471d8d2d065c5886cbd147c5023b64d1bff25b45d18602d57b9da21883d6ad5a527648431bd5a904b48b33a28683bb01a1236ff70
SSDEEP

49152:jhPG+uycEgxXg5Vf4S5NNtBOMxraJ/ZxozDcDtT:lFuzKHrjOMI3F

Score

7^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  6fcfdd23a36fdc9595362f330c4dea35_JaffaCakes118
- Size
  
  1.7MB
- MD5
  
  6fcfdd23a36fdc9595362f330c4dea35
- SHA1
  
  a8b641b389df4dd1f74b8e913b102d4c2f6c9c12
- SHA256
  
  d0ac3950fcd379d65ac0e7e5d7ab32262ddf021cd56cbc609c688695990a9c53
- SHA512
  
  89ac6753669785010645f09471d8d2d065c5886cbd147c5023b64d1bff25b45d18602d57b9da21883d6ad5a527648431bd5a904b48b33a28683bb01a1236ff70
- SSDEEP
  
  49152:jhPG+uycEgxXg5Vf4S5NNtBOMxraJ/ZxozDcDtT:lFuzKHrjOMI3F
Score

7^/10

bootkit discovery persistence
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2

bootkitdiscoverypersistence