0d296f9353373783f64441d9ef093ea9e624c1bacd0eb2bd3f650eae2124741d | Triage

Sharing

General

Target

JaffaCakes118_8a4c1d8d431cf0463f46c730dc23d7fe
Size

378KB
Sample

250328-d3vnga1xex
MD5

8a4c1d8d431cf0463f46c730dc23d7fe
SHA1

6bc6a3b86b4db03fe3fa9ce2855de9e0d8b1dfd3
SHA256

0d296f9353373783f64441d9ef093ea9e624c1bacd0eb2bd3f650eae2124741d
SHA512

8d368a36b44ddaeeee45e99b1d795e6dee33ff3d2d00a2797873272c6f4f97fc802f6b097bb7275a619379c63f84e37b1f424bdf2d2fbef90449824c5b1ba926
SSDEEP

6144:dB+jpE94r9JheG47PWYkznOFzJzlG2ootEIvjE94MAmmFPsKr5m/9PGcKgAzk+O7:dBcEarXhebPWYk7cNbXmI8486PU/9XKe

Score

7^/10

aspackv2 bootkit discovery persistence

Malware Config

Targets

- Target
  
  LEX2.dll
- Size
  
  208KB
- MD5
  
  7cdf8999a50a34f50971a1c50bfae4bc
- SHA1
  
  1d972e66425f5a118dc3f9eac26439cc80d3af80
- SHA256
  
  5f82d1d4ec944e7d9951c09d0c82e8e8e552c8ba57139cecb87c65b151c1300c
- SHA512
  
  697d2bc09a43d6c52d725c41caf1bec219f18691c5ec74b2fccdac992fb8a5a1c354d2730ff20cbb5229642947770c028ee90461724fa12a65b41e9ee3d89565
- SSDEEP
  
  6144:yrxt8hEgJ5o3T6cI98gWNlPTGQQm6agrdGG66:y+h56T6uNtTirdB
Score

6^/10

bootkit discovery persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2
- Target
  
  LEX2.exe
- Size
  
  196KB
- MD5
  
  25f8e47eeb9294021b5b73ca301020c0
- SHA1
  
  2072e2827682c30b4781b7b35a07fbc35f69f3ad
- SHA256
  
  99afe0c5ca3d147c492001ac34a1bea8fb44134abcfe4c7228c2e1cf11a59afa
- SHA512
  
  ac98896b6f0de6d4c3f25d311aae3467a6da9bffe7c5834a83292534bd8df87f28e7166ad580986721322aa59313c0bfeea8cad863d60a7c727181bf0fca554b
- SSDEEP
  
  6144:wihCgS506gI98gWNlPTGQQm6agrdmbF6LF8frGz5o:wDO6oNtTirdsdjso
Score

6^/10

bootkit persistence discovery
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitdiscoverypersistence

behavioral2

behavioral3

bootkitpersistence

behavioral4