0bb7e3c0492d977fe3b32844b0bccec70a808c2f7a2e36ab0942ed8101d54783

Sharing

Copy URL

Twitter E-mail

General

Target

fc008e3aa4c44b45ac4a44a0be3ea0c2_JaffaCakes118
Size

5.8MB
Sample

240420-fvlfyahd36
MD5

fc008e3aa4c44b45ac4a44a0be3ea0c2
SHA1

7d20bf1d39c557c4c19574d1b8f3a04c65a9915d
SHA256

0bb7e3c0492d977fe3b32844b0bccec70a808c2f7a2e36ab0942ed8101d54783
SHA512

5bfb46e17ec8446f6221799e3cef7dd89f6be8adf35f84ac58a02fd0fa3cdd01d81e268676642af2f40a00e99de88dbf5fb4f6d3c27b6bf4af53f8593961be41
SSDEEP

98304:KM9bI6zz2VZncg4hte5NO/y7jmzvtbctqZ+Tn6RMQ7o38WyoUqYAV4Jaju5hDy3q:Lzz2XncXINO/dcqZin6D9reYAV4I6G3q

Score

7^/10

bootkit persistence

Malware Config

Targets

- Target
  
  fc008e3aa4c44b45ac4a44a0be3ea0c2_JaffaCakes118
- Size
  
  5.8MB
- MD5
  
  fc008e3aa4c44b45ac4a44a0be3ea0c2
- SHA1
  
  7d20bf1d39c557c4c19574d1b8f3a04c65a9915d
- SHA256
  
  0bb7e3c0492d977fe3b32844b0bccec70a808c2f7a2e36ab0942ed8101d54783
- SHA512
  
  5bfb46e17ec8446f6221799e3cef7dd89f6be8adf35f84ac58a02fd0fa3cdd01d81e268676642af2f40a00e99de88dbf5fb4f6d3c27b6bf4af53f8593961be41
- SSDEEP
  
  98304:KM9bI6zz2VZncg4hte5NO/y7jmzvtbctqZ+Tn6RMQ7o38WyoUqYAV4Jaju5hDy3q:Lzz2XncXINO/dcqZin6D9reYAV4I6G3q
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/BrandingURL.dll
- Size
  
  4KB
- MD5
  
  71c46b663baa92ad941388d082af97e7
- SHA1
  
  5a9fcce065366a526d75cc5ded9aade7cadd6421
- SHA256
  
  bb2b9c272b8b66bc1b414675c2acba7afad03fff66a63babee3ee57ed163d19e
- SHA512
  
  5965bd3f5369b9a1ed641c479f7b8a14af27700d0c27d482aa8eb62acc42f7b702b5947d82f9791b29bcba4d46e1409244f0a8ddce4ec75022b5e27f6d671bce
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  325b008aec81e5aaa57096f05d4212b5
- SHA1
  
  27a2d89747a20305b6518438eff5b9f57f7df5c3
- SHA256
  
  c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b
- SHA512
  
  18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf
- SSDEEP
  
  192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo
Score

3^/10
behavioral5 behavioral6
- Target
  
  $SMPROGRAMS/ٵơư/.lnk
- Size
  
  344B
- MD5
  
  4c2a7c403e0c28333f645a363f606da8
- SHA1
  
  fe61f5e318e323fab9af329245e4bba6128aa5c6
- SHA256
  
  c755fd0b870f2367e644f899afd720c4aee7b019b5584a14421c407e7910de14
- SHA512
  
  8516481f41413d3ec958a07af39aad889840f964d7cb1f8027142f9c65abea9821e3bf2fcfdd9fb2b1c676031d3096d478bf06586deaaac05a7d451b0c2146e5
Score

3^/10
behavioral7 behavioral8
- Target
  
  ReflexiveArcade/ReflexiveArcade.dll
- Size
  
  948KB
- MD5
  
  5df9b87dff99847624727707a0e587c6
- SHA1
  
  e5c557e21d94f7a74428d07c65608efc667e1ed0
- SHA256
  
  839ec073f85eede6c7c54fb76cd219b059cf901762976bc8519cac1128fea669
- SHA512
  
  976f37af9f464086fe90bb23a7cd5f61ab12f22b901e0cb21923a3f980a1f084d3861008bbfd8e8ff5ad1e513d0eaf560648bdce6456f6b57f3da78466350724
- SSDEEP
  
  24576:abXC5u9nKIfaCMbWoWlk4HRR+i7sZ8CW5kpEJSbwgilJ+5t6riO8gnOpl4Cjs9t1:8VnKIfaCMbWoWlk4HRR+i7n5+5t+iOLh
Score

1^/10
behavioral10 behavioral9
- Target
  
  SDL.dll
- Size
  
  224KB
- MD5
  
  5eb7049ad2a0f79300f94ec25488878a
- SHA1
  
  a68ebb2009790ccf3deaebe8db9664a36a48f94a
- SHA256
  
  af0614b86d4ba1b18da1da3eb611fd9f819d43a1108cbbe5df0e902216852523
- SHA512
  
  7269885a74a7918bc6c2a46231244ec96fd5e401be9090e02706b80b1d27c90f6ca5c33b6f61ad25e1ba35a53d3966958c783da214c1e5bb426cc57d06091a7f
- SSDEEP
  
  6144:hjnKK2rrrrrrwDqrqKDWnF3I/NwqcvIeGgXl:5nKK2rrrrrrwDqrqKKF3Ix/
Score

1^/10
behavioral11 behavioral12
- Target
  
  SDL_image.dll
- Size
  
  36KB
- MD5
  
  0806f5a57426aa9efa8e83bf8abf28e4
- SHA1
  
  4e8034db61a14c666b2b6bd06bca297e6d69d645
- SHA256
  
  b8ded3363231095ffa16fb3db46568d8459269023f0c1846beaa0000bf4ba790
- SHA512
  
  b9741aa16b9f45acd2d3262d06f1c7c275ca1d47466c8b5dd4cac8db6afd87bb6001936e9ff1834ecd0f87550a9300d372381289005f14ba164edb07ff80e6d1
- SSDEEP
  
  384:I2MwCZn1bbnllVagYWECdiPxmYUwQgbiTQl/miu28SC8DcU+MtYvB9oc:I2Mw01bbnDVfYWECdgx5besFu1S9teZ
Score

1^/10
behavioral13 behavioral14
- Target
  
  SDL_mixer.dll
- Size
  
  280KB
- MD5
  
  8cfcde8f112cf019788117ec57865dff
- SHA1
  
  50b19775094b08db071cb63224cb0c43eaed853c
- SHA256
  
  f50888a22357443e573b0deede99195f80914d38ff2e5c12579279e6a6208521
- SHA512
  
  95875fc3ec6209a14643b3d166e42a2bef9c21c8418f17eb068a82ab2d5a47cc474824bad5a7731e7cdd437a74dae8f8910391be98cd6319516ed3f3547a97d7
- SSDEEP
  
  6144:LSZLjNWYV/ac9dZnZYZj4vfab7fb3//IhdSdssFo201:7YNHrTYZj4vfafTK0ssFo201
Score

1^/10
behavioral15 behavioral16
- Target
  
  SDL_ttf.dll
- Size
  
  165KB
- MD5
  
  57e661eb0715dc77a60f344e9ab5d8a2
- SHA1
  
  8d46b913112bf339c0cb202c7763d02369954119
- SHA256
  
  b2750edd981056708f33e1046dafe6d45bc82eb78636ecf368de898503769f59
- SHA512
  
  af66c0ca6e546626aee97e0843abe51e659a86a7e59fa478f20943e7d39432e4121d119d6d9b2d069f9b44ba4e3b735f775e231f72e541174b50d9a238914035
- SSDEEP
  
  3072:t5ufy6aMFaNJ23Hbps9SzlvWJ3w6jCc0v7JCTYRcVQQY8bem826vfd8093N7XFJJ:tsdaMFG231seluJgTXyVQQY8g
Score

1^/10
behavioral17 behavioral18
- Target
  
  bbb.exe
- Size
  
  1.5MB
- MD5
  
  5a090e5cc569ba0021df79115256d0b4
- SHA1
  
  7949b5a3ca432d9d63201ce29810cfdafbde05ce
- SHA256
  
  9b8af759ea2c190423291db0d14aa4e68f78ab80f43372efddaa445b332b5b8e
- SHA512
  
  2d7f854d04652aaeeb92738cb56a93d440e1097ba70b89d2a77c4888006fcd7fb454018fbc09d56f3e23523eb5c4c5e35078543866823da3ca1161daa9882575
- SSDEEP
  
  49152:hN8BXjYmjv39rA5cHB0jIQKf0DjzPhMVkj0fvoX4QIrx:haBX0mjSmh0jIHf0DjzPhMVkj0fvoX4J
Score

7^/10

bootkit persistence
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral19 behavioral20
- Target
  
  jpeg.dll
- Size
  
  165KB
- MD5
  
  e9666bc50ad4c10025c5be293e79f0c2
- SHA1
  
  f6fe9dac299714a6360fbe875659faf8d5e1fc57
- SHA256
  
  a20dd457485f6455163fca175d72419fd0b820676241e6194edf8c971f5a64b0
- SHA512
  
  9c4297dcbc8ffbffe7cbafa3cf9bd5232185942868df40c9dc7d4951a7e26deb5fc8866a281e77314f5cb8369989a08586f10f10b4099db9e3f1d333b9656930
- SSDEEP
  
  3072:2sJGuNqNX8pNhsgL5hYA/caYIq/WF1lWbos4DMgR8mfU:FGuNqNX6dZcF/WF1lU14DM7mc
Score

3^/10
behavioral21 behavioral22
- Target
  
  libpng1.dll
- Size
  
  92KB
- MD5
  
  eeeedbc3d2e133461b8d13c508ab3133
- SHA1
  
  f21e3b9a3a87d54177be593a13cf41e074cc55d5
- SHA256
  
  286c2e5383ce3236051f3f4e9007cd979f8677c5bfe21368718e26c8d77b5137
- SHA512
  
  9cadc4a9f2d07d250c1898e99f24347a31df09cfcc8e0b66a23d8139edcca112a8125802a5526b990613ac2bb57ec8dfa1f219c7a3abe5e1ddf66e92fcc87c62
- SSDEEP
  
  1536:koIx2Vq2jEaTvE4lGP7l7oeeiNES2zMTkYjQ+:koxNTPlGP7l0eeiNERII8Q+
Score

1^/10
behavioral23 behavioral24
- Target
  
  uninst.exe
- Size
  
  66KB
- MD5
  
  e5461a14262765a5b18ac2d319bd370f
- SHA1
  
  b1b27d2cb6e613515acb76a611c5e3695284be45
- SHA256
  
  fa7a686d97235623051ad6d475c7e7555ec863f849aa68724811ba8fb14bae75
- SHA512
  
  211cdb7688009e6dfc92c30cde36de28d2150051249e0d4bb9edd45b1bb5f6f61ceabf6701124220fd691c46fb3828d824c8dce0430aba56912047559e190eb3
- SSDEEP
  
  768:0lKW4LmOQU5iuyYPyAyDkvi8JkRio6MjfS+tXJoiI9aC5CP8nn3gYRNBbUFtWsQF:AKNLH58uyYkDHKQXJoiBYRN6QcIwg2RG
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral25 behavioral26
- Target
  
  zlib.dll
- Size
  
  52KB
- MD5
  
  baf50241f7c97d5bce3371b9d45816c5
- SHA1
  
  757b029a1d65c89406cffbbc80b43c026482eaf7
- SHA256
  
  07148db288df8b8315cc9e874471c202fce59d0f1118f44e284d4bf722252776
- SHA512
  
  2f848729a2c841e85e62396683a2dd8246ad7906d9e5db0e2aa7845d30f285240dd348cf1eab31a6256319a4fe732f1967afbcb8f9127461b71ea3e553a480c1
- SSDEEP
  
  768:NRagNniRy7pA2cp+k8AVfgibjlR1L+zwWMyK3y8XuNN6OxPs6:NR6RmpITVfgin1iz91jq8U3
Score

3^/10
behavioral27 behavioral28
- Target
  
  .lnk
- Size
  
  344B
- MD5
  
  4c2a7c403e0c28333f645a363f606da8
- SHA1
  
  fe61f5e318e323fab9af329245e4bba6128aa5c6
- SHA256
  
  c755fd0b870f2367e644f899afd720c4aee7b019b5584a14421c407e7910de14
- SHA512
  
  8516481f41413d3ec958a07af39aad889840f964d7cb1f8027142f9c65abea9821e3bf2fcfdd9fb2b1c676031d3096d478bf06586deaaac05a7d451b0c2146e5
Score

3^/10
behavioral29 behavioral30

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

T1542

Bootkit

T1542.003

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Pre-OS Boot

T1542

Bootkit

T1542.003

Credential Access

Discovery

System Information Discovery

T1082

Query Registry

T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Checks BIOS information in registry

Writes to the Master Boot Record (MBR)

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30