7e93f48cadbf07826b53fdb3bcc6981db6e7f9fa7b61afcd286f38f9b593a29a | Triage

Sharing

General

Target

0da26e291855b459aa063defe3429fb2_JaffaCakes118
Size

244KB
Sample

241003-dpzeha1grj
MD5

0da26e291855b459aa063defe3429fb2
SHA1

1d973d4b3a97d102b3145fd8820cff19aacace73
SHA256

7e93f48cadbf07826b53fdb3bcc6981db6e7f9fa7b61afcd286f38f9b593a29a
SHA512

da99c2c923951e6438ae6785d028060d1ce600a15c3a62777c87bceb7a0de8ef88b8327e6fd9cbac12c20e984bad6bdf32c2b88e401080efdf18c725d4d76b82
SSDEEP

3072:Ubfb1MGtnumg7/g8X/i96loBea4oxnTORAu4GHsUNOEJBI/ap05O0tHHxo:UbT1ttnumo/f696yj4tKTGsUEEJAKaxo

Score

7^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  0da26e291855b459aa063defe3429fb2_JaffaCakes118
- Size
  
  244KB
- MD5
  
  0da26e291855b459aa063defe3429fb2
- SHA1
  
  1d973d4b3a97d102b3145fd8820cff19aacace73
- SHA256
  
  7e93f48cadbf07826b53fdb3bcc6981db6e7f9fa7b61afcd286f38f9b593a29a
- SHA512
  
  da99c2c923951e6438ae6785d028060d1ce600a15c3a62777c87bceb7a0de8ef88b8327e6fd9cbac12c20e984bad6bdf32c2b88e401080efdf18c725d4d76b82
- SSDEEP
  
  3072:Ubfb1MGtnumg7/g8X/i96loBea4oxnTORAu4GHsUNOEJBI/ap05O0tHHxo:UbT1ttnumo/f696yj4tKTGsUEEJAKaxo
Score

7^/10

bootkit discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2

bootkitdiscoverypersistence