11a2f96342d26607070bea9d9ee99f364f6f981ef1c04ea02eff59b682ddc39a | Triage

Sharing

General

Target

842c21e4be1713a7f5a599bfa5b01b2b_JaffaCakes118
Size

1.2MB
Sample

240810-aytc3a1ekh
MD5

842c21e4be1713a7f5a599bfa5b01b2b
SHA1

c7c28b307dea0269b56fb842c2866983a5b35625
SHA256

11a2f96342d26607070bea9d9ee99f364f6f981ef1c04ea02eff59b682ddc39a
SHA512

fe95c2b5f480f3c54dc76e1f7814ac5d0afb92ff8464ca32fbd5850e83d4fb9407c3fc4a0dac5023740e2509e5cfee6eb9690cfd19a56bab4c375f9ac2b2fba9
SSDEEP

24576:JY3gk2Hp6IdOJFxp6w/zaZrETq05w5ZlB7e5RPRXnMM7eQXF9iYjKTMNj0iQHa:Jkgk2J6IMhB/0reCD/eeQX3voiWa

Score

7^/10

aspackv2 bootkit discovery persistence

Malware Config

Targets

- Target
  
  SeoTool/SEO伪原创工具.exe
- Size
  
  1.2MB
- MD5
  
  ff6d733a28bda21ef5c509855c7c0a6e
- SHA1
  
  570c6fe5b9ca35884eedacc6e08ce1d2b26abd01
- SHA256
  
  db20eb433d66776158b330107296c7bfa3fd35ff9bdf395ac5459ef53a2342b0
- SHA512
  
  05ba8c1af0c18f740fe081b4ea6f4044ae6fe1ab24409f3ee02817d9096921d53f22fc751f89ae965cf19cb4e396bc1b3f196d73ab842686f8229c7d728e6dd4
- SSDEEP
  
  24576:EBzBWWre/4KQdp0VH8jzvI+JHe/v8mgrtI5yyOPqFMldCT+K:OVWWajf4h2v8mOgHOCeldCyK
Score

6^/10

bootkit discovery persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Drops file in System32 directory
behavioral1 behavioral2
- Target
  
  SeoTool/新云软件.url
- Size
  
  133B
- MD5
  
  4f0017b3b346bd0626f0c3b915e6e734
- SHA1
  
  823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92
- SHA256
  
  df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678
- SHA512
  
  0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2

bootkitdiscoverypersistence

behavioral3

behavioral4