765555862f779f07f5d50b07e96bede9bd5ecb07b8ed4c9a1b94128302475269 | Triage

Sharing

General

Target

b1cdd534ec6cfbea6bd027341dc23de6_JaffaCakes118
Size

2.4MB
Sample

240821-c3erkszdpm
MD5

b1cdd534ec6cfbea6bd027341dc23de6
SHA1

2fa6fec388a051dabcf1da50ad2bbb30f3d9fd53
SHA256

765555862f779f07f5d50b07e96bede9bd5ecb07b8ed4c9a1b94128302475269
SHA512

155a24c70aeb8e8afeeb1b2402ab3569668598f33f8f06b3b8403a101b7d997dc2183c09d28ec28185d0a2968399482eaaa6a3471b6a5941d7d19f5cf54dec5d
SSDEEP

49152:GuVZTizTSpXwhTLhhGRAvrofywiKrf828vo5OM6O5JqMuh/:PVZTCCw93GRAvkgy88+Axuh/

Score

7^/10

aspackv2 bootkit discovery persistence

Malware Config

Targets

- Target
  
  公司取名软件.exe
- Size
  
  2.4MB
- MD5
  
  17b31285b93b2ace1aba9e9584f6ed55
- SHA1
  
  58722cf122986545d2989b48c9e9435109717fac
- SHA256
  
  097e476ad87f230f72691ba82e86fda468d7a98b1fb0b793b47338e93c2b436c
- SHA512
  
  cb80a1a99a8aaf0cbcc1d2388868853953280e84d2c455ef622118a05b3cb57ae8c8a27de961f4fa8b3c46fbbdf96c976562921c17960089c88ff3e48c4b992b
- SSDEEP
  
  49152:iG/PCk5mHXRmul8dWxlZmIfrS9A4FMVEFQ+LU5aGulmIqmDsTk5rZnPJbg:BqkFu+44EdlVECP5X5isorzb
Score

6^/10

bootkit discovery persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2
- Target
  
  新云软件.url
- Size
  
  133B
- MD5
  
  4f0017b3b346bd0626f0c3b915e6e734
- SHA1
  
  823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92
- SHA256
  
  df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678
- SHA512
  
  0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2

bootkitdiscoverypersistence

behavioral3

behavioral4