6a3769b25b77ad2d587ce5c7a2fdd689b200b83b1121e42daa5eafd89453d361 | Triage

Sharing

General

Target

90e6856c7ebc92ffe04f96c82f3d5e46_JaffaCakes118
Size

384KB
Sample

241123-1xc8kaymht
MD5

90e6856c7ebc92ffe04f96c82f3d5e46
SHA1

fb2d9d951dec500c61a21fc134038478a9c58030
SHA256

6a3769b25b77ad2d587ce5c7a2fdd689b200b83b1121e42daa5eafd89453d361
SHA512

4e04da4611fccbbe810ada5221e0699f24487817d7a44b4eed92e12fe0a4cec8edc43e54467eb2a6097fea402f15db91ca4694e906f9f92a523e2fdb6f84fc09
SSDEEP

6144:7YoYyqA8M7NFN9vB76uo0ar7G7FwgNJb/Icl5LmBvxT6DkxyAEUy7DTkkz8FAcce:R4Ad3NtB76uoSZbNek5LmBZTVy7DTWFi

Score

7^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  90e6856c7ebc92ffe04f96c82f3d5e46_JaffaCakes118
- Size
  
  384KB
- MD5
  
  90e6856c7ebc92ffe04f96c82f3d5e46
- SHA1
  
  fb2d9d951dec500c61a21fc134038478a9c58030
- SHA256
  
  6a3769b25b77ad2d587ce5c7a2fdd689b200b83b1121e42daa5eafd89453d361
- SHA512
  
  4e04da4611fccbbe810ada5221e0699f24487817d7a44b4eed92e12fe0a4cec8edc43e54467eb2a6097fea402f15db91ca4694e906f9f92a523e2fdb6f84fc09
- SSDEEP
  
  6144:7YoYyqA8M7NFN9vB76uo0ar7G7FwgNJb/Icl5LmBvxT6DkxyAEUy7DTkkz8FAcce:R4Ad3NtB76uoSZbNek5LmBZTVy7DTWFi
Score

7^/10

bootkit discovery persistence
- Executes dropped EXE
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2