Overview

overview

6

Static

static

3

1a9c058cda...18.exe

windows7-x64

6

1a9c058cda...18.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1a9c058cda6968df0e5c6c3d89d8f85b_JaffaCakes118

  • Size

    302KB

  • Sample

    240701-kes83a1glf

  • MD5

    1a9c058cda6968df0e5c6c3d89d8f85b

  • SHA1

    47c39ce56c933932131f167d38b0828ea25da508

  • SHA256

    13c6f5f6a20fcbbc4401fb8b85d048846606479b43038f5cdb3dd8b9015125b1

  • SHA512

    4910919daa4fe3743e60660bb9687c774d483df277f259cf96aa00b12f6351c3813c164f860c6387a4f267172c38f0f296ae08d6e28e534b3ffc57c5cc418f9c

  • SSDEEP

    6144:0pnLSs0Sb5H+kHJahwy/yfKx/8GcsMBvMCmJpXY:0pLSsR5EK+esTCmrY

Score
6/10
bootkitpersistence

Malware Config

Targets

    • Target

      1a9c058cda6968df0e5c6c3d89d8f85b_JaffaCakes118

    • Size

      302KB

    • MD5

      1a9c058cda6968df0e5c6c3d89d8f85b

    • SHA1

      47c39ce56c933932131f167d38b0828ea25da508

    • SHA256

      13c6f5f6a20fcbbc4401fb8b85d048846606479b43038f5cdb3dd8b9015125b1

    • SHA512

      4910919daa4fe3743e60660bb9687c774d483df277f259cf96aa00b12f6351c3813c164f860c6387a4f267172c38f0f296ae08d6e28e534b3ffc57c5cc418f9c

    • SSDEEP

      6144:0pnLSs0Sb5H+kHJahwy/yfKx/8GcsMBvMCmJpXY:0pLSsR5EK+esTCmrY

    Score
    6/10
    bootkitpersistence

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Privilege Escalation

Defense Evasion

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks