e551ae725b3c41fd9b6d193e9ecc54c35f8308c7e9ae069ab5e9c5357f408227 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

efa5b64c060ea5aefc9be4fca1c123ee_JaffaCakes118
Size

423KB
Sample

240921-m3q5qayfrn
MD5

efa5b64c060ea5aefc9be4fca1c123ee
SHA1

5b6b8ced3cb40df89d311a28a32fe6811fbd1e38
SHA256

e551ae725b3c41fd9b6d193e9ecc54c35f8308c7e9ae069ab5e9c5357f408227
SHA512

7b1ec78cab1fbd99044df72561a0385d95be59903edb12b2e58a1e39269669a5910b2e0176c97e4bea5eb3e30e42f88336d442523506f06595a129192eb5b6dd
SSDEEP

6144:AvJzbbugYZX7TO19vnEV/j0VyCHHieRA2QOCnzbwBJnTouwlhik:AvJzvleXG3vsz9WQOCn3eJn4t

Score

6^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  efa5b64c060ea5aefc9be4fca1c123ee_JaffaCakes118
- Size
  
  423KB
- MD5
  
  efa5b64c060ea5aefc9be4fca1c123ee
- SHA1
  
  5b6b8ced3cb40df89d311a28a32fe6811fbd1e38
- SHA256
  
  e551ae725b3c41fd9b6d193e9ecc54c35f8308c7e9ae069ab5e9c5357f408227
- SHA512
  
  7b1ec78cab1fbd99044df72561a0385d95be59903edb12b2e58a1e39269669a5910b2e0176c97e4bea5eb3e30e42f88336d442523506f06595a129192eb5b6dd
- SSDEEP
  
  6144:AvJzbbugYZX7TO19vnEV/j0VyCHHieRA2QOCnzbwBJnTouwlhik:AvJzvleXG3vsz9WQOCn3eJn4t
Score

6^/10

bootkit discovery persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2

bootkitdiscoverypersistence