0b36a619be36ee0c37a7cdb53fe92ad3e5a61804cd3afcf232fbc74118aa39f3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b7e479ecddead0a9472a9c71e08ef1f3_JaffaCakes118
Size

51KB
Sample

240822-q7cpnszgqe
MD5

b7e479ecddead0a9472a9c71e08ef1f3
SHA1

a16e9fa3bdc44dd8a442b7772fb0b2020682f9db
SHA256

0b36a619be36ee0c37a7cdb53fe92ad3e5a61804cd3afcf232fbc74118aa39f3
SHA512

e0da772fb20664c3c6599621ef1fe2b27da9b02884713971461e8414e8697769a2b1a6a53b3bec3a40b0dd245cb051857d5c90dff43778330862535897b94a5d
SSDEEP

768:k8MfatTcAHe8mJrt/2rMcdKgsA+sXhZd1jcyYBSgg30ZYu9VmEiTOlEX:k8MCtAX8Kr6d5+2d1Jt7uHoTOlEX

Score

6^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  b7e479ecddead0a9472a9c71e08ef1f3_JaffaCakes118
- Size
  
  51KB
- MD5
  
  b7e479ecddead0a9472a9c71e08ef1f3
- SHA1
  
  a16e9fa3bdc44dd8a442b7772fb0b2020682f9db
- SHA256
  
  0b36a619be36ee0c37a7cdb53fe92ad3e5a61804cd3afcf232fbc74118aa39f3
- SHA512
  
  e0da772fb20664c3c6599621ef1fe2b27da9b02884713971461e8414e8697769a2b1a6a53b3bec3a40b0dd245cb051857d5c90dff43778330862535897b94a5d
- SSDEEP
  
  768:k8MfatTcAHe8mJrt/2rMcdKgsA+sXhZd1jcyYBSgg30ZYu9VmEiTOlEX:k8MCtAX8Kr6d5+2d1Jt7uHoTOlEX
Score

6^/10

bootkit discovery persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Query Registry

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2