44c93b3da7424f2b6e81235db92c9a78284d731c3584ffc5a1344a32983bc5db | Triage

Sharing

Copy URL Twitter E-mail

General

Target

84b74a295561fd014a9368d19529c4bb_JaffaCakes118
Size

452KB
Sample

240810-ehft9ayemb
MD5

84b74a295561fd014a9368d19529c4bb
SHA1

e08d32f17a1c56960f08ddb9c474db81da5d4a8f
SHA256

44c93b3da7424f2b6e81235db92c9a78284d731c3584ffc5a1344a32983bc5db
SHA512

e8a7153ff472e183582db9211cd214916205c79eeb61ad0cb5adb4ffd23c3e43a3811d207846f619fc674355d8f9134ed235c8809ae0f2500d7c8d75a525bba3
SSDEEP

12288:Tv/EnRA4inAjqbafnMShRVT0Iw5pILa1c8:sinpbafM3lij8

Score

6^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  84b74a295561fd014a9368d19529c4bb_JaffaCakes118
- Size
  
  452KB
- MD5
  
  84b74a295561fd014a9368d19529c4bb
- SHA1
  
  e08d32f17a1c56960f08ddb9c474db81da5d4a8f
- SHA256
  
  44c93b3da7424f2b6e81235db92c9a78284d731c3584ffc5a1344a32983bc5db
- SHA512
  
  e8a7153ff472e183582db9211cd214916205c79eeb61ad0cb5adb4ffd23c3e43a3811d207846f619fc674355d8f9134ed235c8809ae0f2500d7c8d75a525bba3
- SSDEEP
  
  12288:Tv/EnRA4inAjqbafnMShRVT0Iw5pILa1c8:sinpbafM3lij8
Score

6^/10

bootkit discovery persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2