General

  • Target

    f8fd7dc0c123e8cffbd0daf66e673b16_JaffaCakes118

  • Size

    288KB

  • Sample

    240418-3g3vdsaa79

  • MD5

    f8fd7dc0c123e8cffbd0daf66e673b16

  • SHA1

    e4f69b6a5e20783c5bf0e0f1315337b2998aa293

  • SHA256

    3ee416f63b9b04df31e2457ba17945527add2a684e81e92071793e8fa4352e2a

  • SHA512

    1de31fd12a810898eee838eea028b9e92f53871a11b075655d533397e084db9ab41290560de296cefde4ab4670f86d03431582c72cbd41afe43585901f8bb1b7

  • SSDEEP

    6144:F2SRl1v19xL3ZEOe950VPphh41SMtOoZTgwWQM:EWlVlY95wDhSOoZ053

Malware Config

Targets

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks