b58890127dd6d775dc5125e951b9a9d887bd7f3e530b93d3b7038227876a30f2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b8c84705f500c4990edb8132ffbf0865_JaffaCakes118
Size

256KB
Sample

240822-xrsvaasgmb
MD5

b8c84705f500c4990edb8132ffbf0865
SHA1

12a4b330097fd2b1d8ee23304abc1d7bac9d3719
SHA256

b58890127dd6d775dc5125e951b9a9d887bd7f3e530b93d3b7038227876a30f2
SHA512

3b677a2ce3ef31fe8c7103277f6c08a0a90d26df5ad66d5303fb13e40260a6e054915272bb76f155dac441a82660260accd5a43b7eeed8c1e1ac7ec57a44d320
SSDEEP

6144:MLDB4bRUpbFqRFPK7iKce5DljEuzlVwLgNx4+8u:SSAbFCJQTcyQiVwLgNx98u

Score

7^/10

bootkit discovery persistence upx

Malware Config

Targets

- Target
  
  b8c84705f500c4990edb8132ffbf0865_JaffaCakes118
- Size
  
  256KB
- MD5
  
  b8c84705f500c4990edb8132ffbf0865
- SHA1
  
  12a4b330097fd2b1d8ee23304abc1d7bac9d3719
- SHA256
  
  b58890127dd6d775dc5125e951b9a9d887bd7f3e530b93d3b7038227876a30f2
- SHA512
  
  3b677a2ce3ef31fe8c7103277f6c08a0a90d26df5ad66d5303fb13e40260a6e054915272bb76f155dac441a82660260accd5a43b7eeed8c1e1ac7ec57a44d320
- SSDEEP
  
  6144:MLDB4bRUpbFqRFPK7iKce5DljEuzlVwLgNx4+8u:SSAbFCJQTcyQiVwLgNx98u
Score

7^/10

bootkit discovery persistence upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistenceupx

behavioral2

bootkitdiscoverypersistenceupx