26cf17176ea9e334c0060ebc2aaeeac6cf824b5ffb2424df5ab34df638f69504 | Triage

Sharing

General

Target

755f20f8e2a93c4b157e047d3f52c4f0_JaffaCakes118
Size

189KB
Sample

240726-x11lgssene
MD5

755f20f8e2a93c4b157e047d3f52c4f0
SHA1

017f458ca1cb445fbfe0cf13a483063a4c90aea6
SHA256

26cf17176ea9e334c0060ebc2aaeeac6cf824b5ffb2424df5ab34df638f69504
SHA512

3867c191801be34b53174f7eff071ce5ade9419d8be9d87f6d341dd366eb3122b0c961a29126aff78baf1d0a451e2bf5ccd79fb79f470b1fdde96802c879678d
SSDEEP

3072:m1jy3xw96HM0XnpvTyQvGn+nCuhTr8npE3dvvq9aGNLlcLssN7LcHPOPNy0iq2FI:CjYxE4TyQOI5JgpcvqNplchdYWPNy0dx

Score

6^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  755f20f8e2a93c4b157e047d3f52c4f0_JaffaCakes118
- Size
  
  189KB
- MD5
  
  755f20f8e2a93c4b157e047d3f52c4f0
- SHA1
  
  017f458ca1cb445fbfe0cf13a483063a4c90aea6
- SHA256
  
  26cf17176ea9e334c0060ebc2aaeeac6cf824b5ffb2424df5ab34df638f69504
- SHA512
  
  3867c191801be34b53174f7eff071ce5ade9419d8be9d87f6d341dd366eb3122b0c961a29126aff78baf1d0a451e2bf5ccd79fb79f470b1fdde96802c879678d
- SSDEEP
  
  3072:m1jy3xw96HM0XnpvTyQvGn+nCuhTr8npE3dvvq9aGNLlcLssN7LcHPOPNy0iq2FI:CjYxE4TyQOI5JgpcvqNplchdYWPNy0dx
Score

6^/10

bootkit discovery persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2