b11fdd1bb945e4ffe9da7103907bb09ac3949c3e7e440438b21d3d548bbd1f20 | Triage

Sharing

General

Target

d42d74365cd8bf0985d43d0d0ccc7b79_JaffaCakes118
Size

472KB
Sample

240908-mtmqyatgra
MD5

d42d74365cd8bf0985d43d0d0ccc7b79
SHA1

74ed4ce145aacad40a9b610c1f0901de7b24b781
SHA256

b11fdd1bb945e4ffe9da7103907bb09ac3949c3e7e440438b21d3d548bbd1f20
SHA512

1eee6359d946bf5d2879dba9e8c50c6b19b59b7563928a09a4aff6be09ebbd151895c0c5b5dd27d8dd3efcb875ecb401fb4a15f4141763b72500b91112d917e7
SSDEEP

12288:UDlqu+4r5zSHxvKhszwDZV5AsTSqT1YRF0q2TdE+h1h0DQ7rqvrK:UBE4r5dsED75XlYj0q2TdE+h1h0DQ7r8

Score

6^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  d42d74365cd8bf0985d43d0d0ccc7b79_JaffaCakes118
- Size
  
  472KB
- MD5
  
  d42d74365cd8bf0985d43d0d0ccc7b79
- SHA1
  
  74ed4ce145aacad40a9b610c1f0901de7b24b781
- SHA256
  
  b11fdd1bb945e4ffe9da7103907bb09ac3949c3e7e440438b21d3d548bbd1f20
- SHA512
  
  1eee6359d946bf5d2879dba9e8c50c6b19b59b7563928a09a4aff6be09ebbd151895c0c5b5dd27d8dd3efcb875ecb401fb4a15f4141763b72500b91112d917e7
- SSDEEP
  
  12288:UDlqu+4r5zSHxvKhszwDZV5AsTSqT1YRF0q2TdE+h1h0DQ7rqvrK:UBE4r5dsED75XlYj0q2TdE+h1h0DQ7r8
Score

6^/10

bootkit discovery persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2

bootkitdiscoverypersistence