7d49e8bd52eb8c6aff222cc98e4502dfe1d3be546909f1720e2554df90f5719f | Triage

Sharing

General

Target

f647fecfda6bc469055df4a48119f064_JaffaCakes118
Size

332KB
Sample

240925-sj843svgpb
MD5

f647fecfda6bc469055df4a48119f064
SHA1

111a1c2fea67c02e0de8597f7fea2f3c35a0398c
SHA256

7d49e8bd52eb8c6aff222cc98e4502dfe1d3be546909f1720e2554df90f5719f
SHA512

fad2190402a3e6a90f9022b1f3ab9598e24a9462cac7f2d6029a97684f253534ef524d75d51e12846b9f872ef10cca69ea2d4f43868d576c3b7c2fb6356e4e71
SSDEEP

6144:w5ZUv/Z7QRbOCe2Qy8/yRoH2QuF0RBfqMJX+VzpMb6ZkqmcznrF63GU2vL7:w5ZUuRn8/yRx4BfqMJO7kqDF63GU2j7

Score

6^/10

bootkit discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  f647fecfda6bc469055df4a48119f064_JaffaCakes118
- Size
  
  332KB
- MD5
  
  f647fecfda6bc469055df4a48119f064
- SHA1
  
  111a1c2fea67c02e0de8597f7fea2f3c35a0398c
- SHA256
  
  7d49e8bd52eb8c6aff222cc98e4502dfe1d3be546909f1720e2554df90f5719f
- SHA512
  
  fad2190402a3e6a90f9022b1f3ab9598e24a9462cac7f2d6029a97684f253534ef524d75d51e12846b9f872ef10cca69ea2d4f43868d576c3b7c2fb6356e4e71
- SSDEEP
  
  6144:w5ZUv/Z7QRbOCe2Qy8/yRoH2QuF0RBfqMJX+VzpMb6ZkqmcznrF63GU2vL7:w5ZUuRn8/yRx4BfqMJO7kqDF63GU2j7
Score

6^/10

bootkit discovery evasion persistence trojan
- Checks whether UAC is enabled
  evasion trojan
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Modify Registry

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoveryevasionpersistencetrojan

behavioral2

discoveryevasiontrojan