28cff7e126a5fa90c07d55bf3da3e784c1b3d99dc06c1323c9feb55e2467826e | Triage

Sharing

General

Target

JaffaCakes118_d9d12b6776f82274277f1a34efd8d766
Size

134KB
Sample

250210-k8fvtswmaq
MD5

d9d12b6776f82274277f1a34efd8d766
SHA1

4835a2c7f6b4df5c8dcd1452492bbb01a954e0d0
SHA256

28cff7e126a5fa90c07d55bf3da3e784c1b3d99dc06c1323c9feb55e2467826e
SHA512

5b081debb96fc4149febdae5ea926c31e6ea589ec2cbe987a3967a9a0ef790e1c8dbb4d19f8f5506d6fddc84bf4b00794eb4c1c21a60ed68b00fe411fe1dd187
SSDEEP

3072:QWkCl1sKv4gq7hKvOTgWlIQK4oHSzAIdMgEMLsfxM2CPI4+IfMFjSVbf:Q3Cvag+EWT92OAId2MLsJcA4bM8Nf

Score

8^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  Lost_Horizon_keygen_by_DBC.exe
- Size
  
  146KB
- MD5
  
  09d4ff7379d331bffc685ef59f946c11
- SHA1
  
  1cb84d2ccdc4bcb8f3d8c78708f3c28bfc6864a3
- SHA256
  
  8ee74b146b578308f33f2b29a64c129e1773dfb6c8bc23747d75acd8ffab7fa7
- SHA512
  
  80803e256064f76cfc4c17cd63a8cd3f032ccd8bd8ef88012429cab2989b0119f0861248c40184329f362ac9e982003d2ead9cc557f08c4be8a74ccd16f64b2e
- SSDEEP
  
  3072:9A85FnZ8UUm+EmQ6Dx4qwkgEMLsfxM2pmOfDIEFL2dP:iUAUUm+tQ6DLwuMLsJPmOfDod
Score

8^/10

bootkit discovery persistence
- Downloads MZ/PE file
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2