6919d749b39eacadeda7e965697f12600436501fdc138ce14a5846072df3fdaf | Triage

Sharing

General

Target

fe51dcd84eddd021dd85918e1f2f408c_JaffaCakes118
Size

708KB
Sample

240929-mc25aszdlp
MD5

fe51dcd84eddd021dd85918e1f2f408c
SHA1

ed882b5a8ad8c71565016aab0f7bc7da265ccf4a
SHA256

6919d749b39eacadeda7e965697f12600436501fdc138ce14a5846072df3fdaf
SHA512

2ffbf7ac4527aa8b80b20755045c3f792061108019ef2491bb44501bff60002f9f687d31d0459d3dbe166e78d57710065bba83bc62f3266312c86a948df40288
SSDEEP

12288:Z6w3crdt3xaJFpzrnz9cRdmlhfBRXjIj25ckJRJL:Z60M8pzrnz9omlh5RjckJRJL

Score

6^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  fe51dcd84eddd021dd85918e1f2f408c_JaffaCakes118
- Size
  
  708KB
- MD5
  
  fe51dcd84eddd021dd85918e1f2f408c
- SHA1
  
  ed882b5a8ad8c71565016aab0f7bc7da265ccf4a
- SHA256
  
  6919d749b39eacadeda7e965697f12600436501fdc138ce14a5846072df3fdaf
- SHA512
  
  2ffbf7ac4527aa8b80b20755045c3f792061108019ef2491bb44501bff60002f9f687d31d0459d3dbe166e78d57710065bba83bc62f3266312c86a948df40288
- SSDEEP
  
  12288:Z6w3crdt3xaJFpzrnz9cRdmlhfBRXjIj25ckJRJL:Z60M8pzrnz9omlh5RjckJRJL
Score

6^/10

bootkit discovery persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2

bootkitdiscoverypersistence