a3ee1c61441d3c1a013628e633d089ebab2085782db8099565d72c4e8565aa89 | Triage

Sharing

General

Target

a826db1cd27f3e45e20342883e85cee8_JaffaCakes118
Size

943KB
Sample

240818-zlb1patcjf
MD5

a826db1cd27f3e45e20342883e85cee8
SHA1

85821beae33b84e3917e7f85c27738cce25b6911
SHA256

a3ee1c61441d3c1a013628e633d089ebab2085782db8099565d72c4e8565aa89
SHA512

eefcf2d7efa53fc971eeefaedb2c1f9a2ada8ed0f5c328806fb105954a8b1fc55a9e39c8daaf857b72852e75ef9a5835c64724cabb944707ab8e40613dce4b8a
SSDEEP

24576:eadY/TEdVYkEp3W8AD/Dhd+y4lqJ8QdCYDoDN4H1GAR11F:ezTEdesvD/DX+y4onCYDoDaD

Score

7^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  a826db1cd27f3e45e20342883e85cee8_JaffaCakes118
- Size
  
  943KB
- MD5
  
  a826db1cd27f3e45e20342883e85cee8
- SHA1
  
  85821beae33b84e3917e7f85c27738cce25b6911
- SHA256
  
  a3ee1c61441d3c1a013628e633d089ebab2085782db8099565d72c4e8565aa89
- SHA512
  
  eefcf2d7efa53fc971eeefaedb2c1f9a2ada8ed0f5c328806fb105954a8b1fc55a9e39c8daaf857b72852e75ef9a5835c64724cabb944707ab8e40613dce4b8a
- SSDEEP
  
  24576:eadY/TEdVYkEp3W8AD/Dhd+y4lqJ8QdCYDoDN4H1GAR11F:ezTEdesvD/DX+y4onCYDoDaD
Score

7^/10

bootkit discovery persistence
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2