5e3dd0466ff85e4358b5eb748841546f7a204870ada37fd30bd99fb5be7c5349 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

be133c06bde806ec13ea4db618db33a3_JaffaCakes118
Size

510KB
Sample

240824-hfv3yaxgnf
MD5

be133c06bde806ec13ea4db618db33a3
SHA1

c48bc6f4e1d37a0aa343f439a488bed55c76b909
SHA256

5e3dd0466ff85e4358b5eb748841546f7a204870ada37fd30bd99fb5be7c5349
SHA512

7e0435daaa8c7909a442f9f68526c3368fa3df0e5ac6e33f97c6332b0ca8dd80788f0d595948bd445b1dde5cb9a4fd4312b00eba5ff73cbd9b0b725ace88b9f8
SSDEEP

12288:MZSayd0ipruR8qjP1FFFOOzhEYkLWN4Z3Lq3F:MZ2prunLXFFO1La4Rm3F

Score

6^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  be133c06bde806ec13ea4db618db33a3_JaffaCakes118
- Size
  
  510KB
- MD5
  
  be133c06bde806ec13ea4db618db33a3
- SHA1
  
  c48bc6f4e1d37a0aa343f439a488bed55c76b909
- SHA256
  
  5e3dd0466ff85e4358b5eb748841546f7a204870ada37fd30bd99fb5be7c5349
- SHA512
  
  7e0435daaa8c7909a442f9f68526c3368fa3df0e5ac6e33f97c6332b0ca8dd80788f0d595948bd445b1dde5cb9a4fd4312b00eba5ff73cbd9b0b725ace88b9f8
- SSDEEP
  
  12288:MZSayd0ipruR8qjP1FFFOOzhEYkLWN4Z3Lq3F:MZ2prunLXFFO1La4Rm3F
Score

6^/10

bootkit discovery persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2

bootkitdiscoverypersistence