Overview

overview

7

Static

static

7

fbacfea27f...18.exe

windows7-x64

7

fbacfea27f...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fbacfea27fd7e797ede573b3a0271c81_JaffaCakes118

  • Size

    2.2MB

  • Sample

    240420-cddg8aed7x

  • MD5

    fbacfea27fd7e797ede573b3a0271c81

  • SHA1

    af6eeb69de05631274d5d4d8e50c73382bfdae65

  • SHA256

    8180ee4a0479848d6489f40669df43e4c1e40132e4c2fdc177ba003698b09aaa

  • SHA512

    d51751d1eea21c2c2bc655cc4fe127c74fa62a8777af65f76950737d36a50d3d3b3a73e9532696a3c2c9c495e658ae35482318889fd619b398d3dc46b4cccfda

  • SSDEEP

    49152:Qh1inZlcK7GBE48VcAruQwTXTrnvCefHpIUD/xWhVDCXJ5S5TYFUKd4dTXq:QI+KSXzA1Ov5I6ghYXJo5YxCrq

Score
7/10
bootkitpersistenceupx

Malware Config

Targets

    • Target

      fbacfea27fd7e797ede573b3a0271c81_JaffaCakes118

    • Size

      2.2MB

    • MD5

      fbacfea27fd7e797ede573b3a0271c81

    • SHA1

      af6eeb69de05631274d5d4d8e50c73382bfdae65

    • SHA256

      8180ee4a0479848d6489f40669df43e4c1e40132e4c2fdc177ba003698b09aaa

    • SHA512

      d51751d1eea21c2c2bc655cc4fe127c74fa62a8777af65f76950737d36a50d3d3b3a73e9532696a3c2c9c495e658ae35482318889fd619b398d3dc46b4cccfda

    • SSDEEP

      49152:Qh1inZlcK7GBE48VcAruQwTXTrnvCefHpIUD/xWhVDCXJ5S5TYFUKd4dTXq:QI+KSXzA1Ov5I6ghYXJo5YxCrq

    Score
    7/10
    bootkitpersistenceupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Privilege Escalation

Defense Evasion

Pre-OS Boot

1
T1542

Bootkit

1
T1542.003

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks