Overview

overview

7

Static

static

7

f00566138e...18.exe

windows7-x64

7

f00566138e...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    f00566138e4b49827a78e052861ebd26_JaffaCakes118

  • Size

    237KB

  • Sample

    240415-b99d4aec61

  • MD5

    f00566138e4b49827a78e052861ebd26

  • SHA1

    d12743ff63f9e6488cfb6240873c9b522de6aaaf

  • SHA256

    08a3d814070504c4416fe0e0639ef818cb2cce3ffe5f704b09f81025de7afc89

  • SHA512

    b22b7c7039c3d21974d59ddfa9a067cd6ad2fd6942a8f9d5f87a6709f65d2034bae6ac3fc9e42b3c1017e0b516ede8127a778dd631ec8fe6dfcee74098e0353e

  • SSDEEP

    3072:NlELL7XOCw0xQCdMey44tVkZj+8FzB7C1XWLmjPUXiYR8Pyqs5oC6IxsHZQGt28:m3kOMeaavF17EP6qyqs576GsHZA8

Score
7/10
bootkitpersistenceupx

Malware Config

Targets

    • Target

      f00566138e4b49827a78e052861ebd26_JaffaCakes118

    • Size

      237KB

    • MD5

      f00566138e4b49827a78e052861ebd26

    • SHA1

      d12743ff63f9e6488cfb6240873c9b522de6aaaf

    • SHA256

      08a3d814070504c4416fe0e0639ef818cb2cce3ffe5f704b09f81025de7afc89

    • SHA512

      b22b7c7039c3d21974d59ddfa9a067cd6ad2fd6942a8f9d5f87a6709f65d2034bae6ac3fc9e42b3c1017e0b516ede8127a778dd631ec8fe6dfcee74098e0353e

    • SSDEEP

      3072:NlELL7XOCw0xQCdMey44tVkZj+8FzB7C1XWLmjPUXiYR8Pyqs5oC6IxsHZQGt28:m3kOMeaavF17EP6qyqs576GsHZA8

    Score
    7/10
    bootkitpersistenceupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks