c6f0cc4fc1058b0c76a4aa46114362b4cfa272c289751ae170ecfe3be1c75733 | Triage

Sharing

General

Target

9140bf8fbdefc5e1ae520d15d89fc464_JaffaCakes118
Size

790KB
Sample

241123-3cypwasjcy
MD5

9140bf8fbdefc5e1ae520d15d89fc464
SHA1

51ff8dd0f7f925fdd85882c4495cdeef89bd0b1d
SHA256

c6f0cc4fc1058b0c76a4aa46114362b4cfa272c289751ae170ecfe3be1c75733
SHA512

cc43c7264e3fda25a9699e945c33c6a0165c051ac3bbdbb22a783260e1656c9bf5b35d95420e59e0a5c469a7433ffdc56f1e7df645a15ae7a524c4b5cbdb2dff
SSDEEP

24576:JI0+LK2DeFyPkbBfBZD5u3CgaCScrTEdE:J8py4PwpBZFu3CgVXTEd

Score

6^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  9140bf8fbdefc5e1ae520d15d89fc464_JaffaCakes118
- Size
  
  790KB
- MD5
  
  9140bf8fbdefc5e1ae520d15d89fc464
- SHA1
  
  51ff8dd0f7f925fdd85882c4495cdeef89bd0b1d
- SHA256
  
  c6f0cc4fc1058b0c76a4aa46114362b4cfa272c289751ae170ecfe3be1c75733
- SHA512
  
  cc43c7264e3fda25a9699e945c33c6a0165c051ac3bbdbb22a783260e1656c9bf5b35d95420e59e0a5c469a7433ffdc56f1e7df645a15ae7a524c4b5cbdb2dff
- SSDEEP
  
  24576:JI0+LK2DeFyPkbBfBZD5u3CgaCScrTEdE:J8py4PwpBZFu3CgVXTEd
Score

6^/10

bootkit discovery persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2