3b6db1e5c7c2d70bac791ef2f46c4399ff8fa43535d45dc11b2f72263eb43bc8 | Triage

Sharing

General

Target

eab4d4f7cd6a0c870b5dbabac6ae1f9f_JaffaCakes118
Size

148KB
Sample

240919-glmhbatemh
MD5

eab4d4f7cd6a0c870b5dbabac6ae1f9f
SHA1

b0967aff0caa7df6a6d56554d5130a1105ebcabb
SHA256

3b6db1e5c7c2d70bac791ef2f46c4399ff8fa43535d45dc11b2f72263eb43bc8
SHA512

6c623c75a4a68d82db4dbe8f8eb5f2f564b53318ecf5a615576e18b12101478fab81bbaefd3ae81e0cd67c571ab5334c4054c1df90d813f5834d305c6e918773
SSDEEP

3072:kbc0huXRvc5qYxDwpmTwVwftCTjx2cEx:t6uXZc9DVowftCTVzEx

Score

6^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  eab4d4f7cd6a0c870b5dbabac6ae1f9f_JaffaCakes118
- Size
  
  148KB
- MD5
  
  eab4d4f7cd6a0c870b5dbabac6ae1f9f
- SHA1
  
  b0967aff0caa7df6a6d56554d5130a1105ebcabb
- SHA256
  
  3b6db1e5c7c2d70bac791ef2f46c4399ff8fa43535d45dc11b2f72263eb43bc8
- SHA512
  
  6c623c75a4a68d82db4dbe8f8eb5f2f564b53318ecf5a615576e18b12101478fab81bbaefd3ae81e0cd67c571ab5334c4054c1df90d813f5834d305c6e918773
- SSDEEP
  
  3072:kbc0huXRvc5qYxDwpmTwVwftCTjx2cEx:t6uXZc9DVowftCTVzEx
Score

6^/10

bootkit discovery persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2