4c6fed24ceb9cfbb7b483a3b49a4f419c784ba946e84d346ae9abcf6e174b9d2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dddac535543b01717fad1b6728afb768_JaffaCakes118
Size

56KB
Sample

240913-g7a2eayerj
MD5

dddac535543b01717fad1b6728afb768
SHA1

02a9ebad5c804e18df671f8a15e465222dc58388
SHA256

4c6fed24ceb9cfbb7b483a3b49a4f419c784ba946e84d346ae9abcf6e174b9d2
SHA512

488621128bea9a1cb5f22705bc8f6e1a589f26caec128b09f673590b532916d834a1678f48946a1c373e752b5bfdd6f1a4a33318d94c2925e80ddca2c5467146
SSDEEP

768:MvJtstqiIhZ9KvWZtpT1/reyb0cNKhQOg78Kq9PpONqc9XtftidPF:MvTwEhZ8WZnTx70cN4QOzKq9+D9fid

Score

10^/10

bootkit discovery evasion persistence

Malware Config

Targets

- Target
  
  dddac535543b01717fad1b6728afb768_JaffaCakes118
- Size
  
  56KB
- MD5
  
  dddac535543b01717fad1b6728afb768
- SHA1
  
  02a9ebad5c804e18df671f8a15e465222dc58388
- SHA256
  
  4c6fed24ceb9cfbb7b483a3b49a4f419c784ba946e84d346ae9abcf6e174b9d2
- SHA512
  
  488621128bea9a1cb5f22705bc8f6e1a589f26caec128b09f673590b532916d834a1678f48946a1c373e752b5bfdd6f1a4a33318d94c2925e80ddca2c5467146
- SSDEEP
  
  768:MvJtstqiIhZ9KvWZtpT1/reyb0cNKhQOg78Kq9PpONqc9XtftidPF:MvTwEhZ8WZnTx70cN4QOzKq9+D9fid
Score

10^/10

bootkit evasion persistence discovery
- Modifies visibility of file extensions in Explorer
  evasion
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitevasionpersistence

behavioral2

bootkitdiscoveryevasionpersistence