1b7330be21ce5d34baf0fa145f2137f25d51a967599ec30768110de37ab5dcbb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa08746b8e8871a7f13e44dc58503ef9_JaffaCakes118
Size

52KB
Sample

240927-jzpwpssgjk
MD5

fa08746b8e8871a7f13e44dc58503ef9
SHA1

c922d47f94fb93735d4a6e39bf68904cd74223fa
SHA256

1b7330be21ce5d34baf0fa145f2137f25d51a967599ec30768110de37ab5dcbb
SHA512

1cdc2c92454e3d1ba13b724aeaaec7572f3ae84ab6659b777b1e926955a748adaf48ff299482b3aaf6b03154931c8ab10171c6206fa607750ae311e445ac5f3c
SSDEEP

1536:wOMZpEUEKkrEEZ6OgdWy03KxsEBy/tsuJq:wOMgUEKWES+OKiEB4q

Score

6^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  fa08746b8e8871a7f13e44dc58503ef9_JaffaCakes118
- Size
  
  52KB
- MD5
  
  fa08746b8e8871a7f13e44dc58503ef9
- SHA1
  
  c922d47f94fb93735d4a6e39bf68904cd74223fa
- SHA256
  
  1b7330be21ce5d34baf0fa145f2137f25d51a967599ec30768110de37ab5dcbb
- SHA512
  
  1cdc2c92454e3d1ba13b724aeaaec7572f3ae84ab6659b777b1e926955a748adaf48ff299482b3aaf6b03154931c8ab10171c6206fa607750ae311e445ac5f3c
- SSDEEP
  
  1536:wOMZpEUEKkrEEZ6OgdWy03KxsEBy/tsuJq:wOMgUEKWES+OKiEB4q
Score

6^/10

bootkit discovery persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Query Registry

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2