8d6cfc77ea540ffa3921095b7f9f1f3a197b4f22a2020eb64cf92beb0e5054c8 | Triage

Sharing

General

Target

JaffaCakes118_70a4765ad82ea5ac555dfb6c6e3fb5a1
Size

823KB
Sample

250313-pz95jawjt2
MD5

70a4765ad82ea5ac555dfb6c6e3fb5a1
SHA1

025186a3543a190006f7c4d4bde1445e1adfae89
SHA256

8d6cfc77ea540ffa3921095b7f9f1f3a197b4f22a2020eb64cf92beb0e5054c8
SHA512

a244b93329aaf6b72c8bd80d1ff9ed769b16ad0b57ca45f2777de4a014b3dac35aadcfffeb6e85bdde8a13af3f2a009fd537942607808a5fb5e9162477f628c1
SSDEEP

12288:rNtTird63I1pZYfMsjMf4HnTI7w8UA1ACJS9fnzmng8AFvkDYKABZcJE0:bTEd6YdYf3M4H6N1LS9vmAcDYtZT0

Score

6^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  JaffaCakes118_70a4765ad82ea5ac555dfb6c6e3fb5a1
- Size
  
  823KB
- MD5
  
  70a4765ad82ea5ac555dfb6c6e3fb5a1
- SHA1
  
  025186a3543a190006f7c4d4bde1445e1adfae89
- SHA256
  
  8d6cfc77ea540ffa3921095b7f9f1f3a197b4f22a2020eb64cf92beb0e5054c8
- SHA512
  
  a244b93329aaf6b72c8bd80d1ff9ed769b16ad0b57ca45f2777de4a014b3dac35aadcfffeb6e85bdde8a13af3f2a009fd537942607808a5fb5e9162477f628c1
- SSDEEP
  
  12288:rNtTird63I1pZYfMsjMf4HnTI7w8UA1ACJS9fnzmng8AFvkDYKABZcJE0:bTEd6YdYf3M4H6N1LS9vmAcDYtZT0
Score

6^/10

bootkit persistence discovery
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2