1ec82c34a4e2aaa7d98b619cccbfb7f5479129a44b0694617fac0fbde6c929e6 | Triage

Sharing

General

Target

918101514ec071cddd5dd5f72a5de02c_JaffaCakes118
Size

11KB
Sample

241124-al49sszrbm
MD5

918101514ec071cddd5dd5f72a5de02c
SHA1

98e0fa22e07932b65a41b3e355de85dd886fda76
SHA256

1ec82c34a4e2aaa7d98b619cccbfb7f5479129a44b0694617fac0fbde6c929e6
SHA512

21a1bb287593719ebf2fbeaa18d3095e18a1a3332f06e860a1b636eb3afa2cfb57d95add4f2f49753537f70fb6a24b595de5e5e3f5c8edca91cbbeedf4d145bd
SSDEEP

192:LsexxfXLIs/dFxDZ/H5ijnNC4kDiK/gEf6TMKbNag9WysYW7J:LbLI6Ff/cBLhK/gEf61bNag9WysYW7

Score

6^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  918101514ec071cddd5dd5f72a5de02c_JaffaCakes118
- Size
  
  11KB
- MD5
  
  918101514ec071cddd5dd5f72a5de02c
- SHA1
  
  98e0fa22e07932b65a41b3e355de85dd886fda76
- SHA256
  
  1ec82c34a4e2aaa7d98b619cccbfb7f5479129a44b0694617fac0fbde6c929e6
- SHA512
  
  21a1bb287593719ebf2fbeaa18d3095e18a1a3332f06e860a1b636eb3afa2cfb57d95add4f2f49753537f70fb6a24b595de5e5e3f5c8edca91cbbeedf4d145bd
- SSDEEP
  
  192:LsexxfXLIs/dFxDZ/H5ijnNC4kDiK/gEf6TMKbNag9WysYW7J:LbLI6Ff/cBLhK/gEf61bNag9WysYW7
Score

6^/10

discovery bootkit persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

bootkitdiscoverypersistence