4a9ac8822daee5026ef7c84429dfb3dcab8a32f8c66c22e7a0b6fd5966248fbb | Triage

Sharing

General

Target

a7a96db7c59b78fd020541a5930886c0_JaffaCakes118
Size

220KB
Sample

240818-wnf6mswfpb
MD5

a7a96db7c59b78fd020541a5930886c0
SHA1

3b7e99017b69483d87b578054220cfe8e9d7d8ff
SHA256

4a9ac8822daee5026ef7c84429dfb3dcab8a32f8c66c22e7a0b6fd5966248fbb
SHA512

9f27fff38ad7aa6d25ddec7631214f106973e66c9deac8eed45ee390fe0cc7dcb501fd7225589788374fcda4d7f74dafdfd21be563586ea42382ff9a5327cc1e
SSDEEP

6144:cQQ9ZzyGULqe+q6Dbu98gWNlPTGQQm6agrdW:8ZzFa6RNtTirdW

Score

6^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  a7a96db7c59b78fd020541a5930886c0_JaffaCakes118
- Size
  
  220KB
- MD5
  
  a7a96db7c59b78fd020541a5930886c0
- SHA1
  
  3b7e99017b69483d87b578054220cfe8e9d7d8ff
- SHA256
  
  4a9ac8822daee5026ef7c84429dfb3dcab8a32f8c66c22e7a0b6fd5966248fbb
- SHA512
  
  9f27fff38ad7aa6d25ddec7631214f106973e66c9deac8eed45ee390fe0cc7dcb501fd7225589788374fcda4d7f74dafdfd21be563586ea42382ff9a5327cc1e
- SSDEEP
  
  6144:cQQ9ZzyGULqe+q6Dbu98gWNlPTGQQm6agrdW:8ZzFa6RNtTirdW
Score

6^/10

bootkit discovery persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2