8081cbde2dc6ed5829c7dae40f4932a0b61f4b70395c75d562652c85bf770eab | Triage

Sharing

General

Target

f6fd516b8b43d733c08913f26fd1f581_JaffaCakes118
Size

137KB
Sample

240925-2jv2ws1gpp
MD5

f6fd516b8b43d733c08913f26fd1f581
SHA1

05addcbe651511a98ed1963621a6ce5edaef24b6
SHA256

8081cbde2dc6ed5829c7dae40f4932a0b61f4b70395c75d562652c85bf770eab
SHA512

7bbecbfee4090df58a912fd900e0ee2ce7cefd76917c9ea4a5895415ecf4d7931114909ebdd7eb48318e7071b61c24b4faab643e6744f22ea8ab21a2c0896073
SSDEEP

3072:8J2IncTCVYbbrMbvT0q8O1cZPzQ7IXMBc+AMP+QfQEhxFyVU7beH:886cTK2wvP6bQ7yMP+DE827CH

Score

6^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  f6fd516b8b43d733c08913f26fd1f581_JaffaCakes118
- Size
  
  137KB
- MD5
  
  f6fd516b8b43d733c08913f26fd1f581
- SHA1
  
  05addcbe651511a98ed1963621a6ce5edaef24b6
- SHA256
  
  8081cbde2dc6ed5829c7dae40f4932a0b61f4b70395c75d562652c85bf770eab
- SHA512
  
  7bbecbfee4090df58a912fd900e0ee2ce7cefd76917c9ea4a5895415ecf4d7931114909ebdd7eb48318e7071b61c24b4faab643e6744f22ea8ab21a2c0896073
- SSDEEP
  
  3072:8J2IncTCVYbbrMbvT0q8O1cZPzQ7IXMBc+AMP+QfQEhxFyVU7beH:886cTK2wvP6bQ7yMP+DE827CH
Score

6^/10

bootkit discovery persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2