436bc46f4b3356d878767ad13ada9dae7249f74dc3f8606b9f54c81d637c2d2c | Triage

Sharing

General

Target

baeb4ae0c23dc44f01bf1769e89226fe_JaffaCakes118
Size

72KB
Sample

240823-jtztqasfpf
MD5

baeb4ae0c23dc44f01bf1769e89226fe
SHA1

d4b2cf2324114fb4f6abe3c895143436555bcd80
SHA256

436bc46f4b3356d878767ad13ada9dae7249f74dc3f8606b9f54c81d637c2d2c
SHA512

eef81a66381e391793f99265c84469b4cda9ca561e94dba4fdef23c2bf0b7b864943e1cd1dd301bb553b673d81aa565fcb051731ba098d26a4695cbb4443b3db
SSDEEP

768:8UHaHMXFpDLtBMpkUnnjMOdBIFcA4LN3mfU8DolYU2BBToBw7O38UXUHTrdCL84L:Z6uzBaldbA4LNWbfBBToBw7ogpCw4b7

Score

6^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  baeb4ae0c23dc44f01bf1769e89226fe_JaffaCakes118
- Size
  
  72KB
- MD5
  
  baeb4ae0c23dc44f01bf1769e89226fe
- SHA1
  
  d4b2cf2324114fb4f6abe3c895143436555bcd80
- SHA256
  
  436bc46f4b3356d878767ad13ada9dae7249f74dc3f8606b9f54c81d637c2d2c
- SHA512
  
  eef81a66381e391793f99265c84469b4cda9ca561e94dba4fdef23c2bf0b7b864943e1cd1dd301bb553b673d81aa565fcb051731ba098d26a4695cbb4443b3db
- SSDEEP
  
  768:8UHaHMXFpDLtBMpkUnnjMOdBIFcA4LN3mfU8DolYU2BBToBw7O38UXUHTrdCL84L:Z6uzBaldbA4LNWbfBBToBw7ogpCw4b7
Score

6^/10

bootkit discovery persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Query Registry

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2