13909fdf037b4192d53e2393614650aa48baaacbe0a2dd573a6864fd8c1571f5 | Triage

Sharing

General

Target

ba0d4c409d34e7ff0bbd1b1d26127cd3_JaffaCakes118
Size

152KB
Sample

240823-c7mmzstekk
MD5

ba0d4c409d34e7ff0bbd1b1d26127cd3
SHA1

359640488c461a191c2e96348dfcb57869d179ff
SHA256

13909fdf037b4192d53e2393614650aa48baaacbe0a2dd573a6864fd8c1571f5
SHA512

dab81fab7ac835a67057828b687750a7251a15fb806a1bb4d52f0df9773ad277ce7c8ee250feb1ad5868a5833b0d4cc2e37f23bdaa5e81be980c41771e96ca90
SSDEEP

3072:J1shJyk96HM0XU+aDe5UEGJSKz7ccRJMM3Ojl5MgNhFM/mP3P:J28Yn+aCyIK3ccnMxjRPX

Score

6^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  ba0d4c409d34e7ff0bbd1b1d26127cd3_JaffaCakes118
- Size
  
  152KB
- MD5
  
  ba0d4c409d34e7ff0bbd1b1d26127cd3
- SHA1
  
  359640488c461a191c2e96348dfcb57869d179ff
- SHA256
  
  13909fdf037b4192d53e2393614650aa48baaacbe0a2dd573a6864fd8c1571f5
- SHA512
  
  dab81fab7ac835a67057828b687750a7251a15fb806a1bb4d52f0df9773ad277ce7c8ee250feb1ad5868a5833b0d4cc2e37f23bdaa5e81be980c41771e96ca90
- SSDEEP
  
  3072:J1shJyk96HM0XU+aDe5UEGJSKz7ccRJMM3Ojl5MgNhFM/mP3P:J28Yn+aCyIK3ccnMxjRPX
Score

6^/10

bootkit discovery persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2