ce63d29e7d47c56cd2f9d7f8111799eae362a607a7af33fa87533d44a029c36d | Triage

Sharing

General

Target

8cb5b0d718df3acd38f3f76a6f91a453_JaffaCakes118
Size

80KB
Sample

240812-bfqpwsxhlj
MD5

8cb5b0d718df3acd38f3f76a6f91a453
SHA1

05c03d4b7ec46de21ddab83cf61ebf50f1c43c32
SHA256

ce63d29e7d47c56cd2f9d7f8111799eae362a607a7af33fa87533d44a029c36d
SHA512

af864e100a2a13e6f364e18566242a1aa4306f7afe02083f800aa94d239687d31702e5c51a2ccfc43ba7bb095b0010a486685eccf2db19664b8393fdf96b8869
SSDEEP

1536:siiGT6/edYg98zNU9poXlJ6VXHghNKpRi+Ki:sHGT6/V1xU9p0lW3ghCRi+n

Score

6^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  8cb5b0d718df3acd38f3f76a6f91a453_JaffaCakes118
- Size
  
  80KB
- MD5
  
  8cb5b0d718df3acd38f3f76a6f91a453
- SHA1
  
  05c03d4b7ec46de21ddab83cf61ebf50f1c43c32
- SHA256
  
  ce63d29e7d47c56cd2f9d7f8111799eae362a607a7af33fa87533d44a029c36d
- SHA512
  
  af864e100a2a13e6f364e18566242a1aa4306f7afe02083f800aa94d239687d31702e5c51a2ccfc43ba7bb095b0010a486685eccf2db19664b8393fdf96b8869
- SSDEEP
  
  1536:siiGT6/edYg98zNU9poXlJ6VXHghNKpRi+Ki:sHGT6/V1xU9p0lW3ghCRi+n
Score

6^/10

bootkit discovery persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Query Registry

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2