e6be7b1924d058804c0a7bfc5183a5fdc99acf1df65d36102889eab28ef5fcc2 | Triage

Sharing

General

Target

JaffaCakes118_8af1d340b454a1be3badaca66cbe8b2b
Size

182KB
Sample

250328-x3mgmssj15
MD5

8af1d340b454a1be3badaca66cbe8b2b
SHA1

be3bf8fe4de5cba24c3ed16e02dbd8c721db26a9
SHA256

e6be7b1924d058804c0a7bfc5183a5fdc99acf1df65d36102889eab28ef5fcc2
SHA512

ef9b1ab17a2f0e002e45fb701fed82a155c2b49d2e22730c07a5f301d7145bde5d7a94b4e1e3938ce5ae7bb10987af0ffa1591988972ecd4a9ac50dad384a0cb
SSDEEP

3072:ODo/CKXbDkeyQhR248wB90FCIre9d8Xp2vd1bI/HcqiEY:ODo/Cleyc44Z07re9wpEd1c/bC

Score

6^/10

bootkit discovery persistence

Malware Config

Targets

- Target
  
  JaffaCakes118_8af1d340b454a1be3badaca66cbe8b2b
- Size
  
  182KB
- MD5
  
  8af1d340b454a1be3badaca66cbe8b2b
- SHA1
  
  be3bf8fe4de5cba24c3ed16e02dbd8c721db26a9
- SHA256
  
  e6be7b1924d058804c0a7bfc5183a5fdc99acf1df65d36102889eab28ef5fcc2
- SHA512
  
  ef9b1ab17a2f0e002e45fb701fed82a155c2b49d2e22730c07a5f301d7145bde5d7a94b4e1e3938ce5ae7bb10987af0ffa1591988972ecd4a9ac50dad384a0cb
- SSDEEP
  
  3072:ODo/CKXbDkeyQhR248wB90FCIre9d8Xp2vd1bI/HcqiEY:ODo/Cleyc44Z07re9wpEd1c/bC
Score

6^/10

bootkit persistence discovery
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistence

behavioral2

bootkitdiscoverypersistence