e23f77f01db70121a7be6fb70c826294f468d89d0a857548fc57835d83fb5496 | Triage

Submit
Reports

Overview

overview

7

Static

static

7

fc7194217e...18.exe

windows7-x64

7

fc7194217e...18.exe

windows10-2004-x64

7

Sharing

General

Target

fc7194217eefa41746e3d4155f8a5731_JaffaCakes118
Size

202KB
Sample

240420-lfy2daeb2x
MD5

fc7194217eefa41746e3d4155f8a5731
SHA1

8e97a9ecd133308bf19483c61119865665dbf5a6
SHA256

e23f77f01db70121a7be6fb70c826294f468d89d0a857548fc57835d83fb5496
SHA512

1e36cdac625983c782126f2a29a1c6a9805f9472ec3175b55600e2247517b5e95ef8733bb3e4be81856fb70e470a6bc33404325d6e8187b0909634f0609a782b
SSDEEP

3072:21lgKarBjCfYJ2Gkwf+uthTGF/Pke0A9Xoi+eMHZV4WovThXcY7UmA:21mKx+dtE5PkuXohHZVFshMbD

Score

7^/10

bootkit persistence upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

fc7194217eefa41746e3d4155f8a5731_JaffaCakes118.exe

Resource

win7-20231129-en

bootkit persistence upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

fc7194217eefa41746e3d4155f8a5731_JaffaCakes118.exe

Resource

win10v2004-20240412-en

bootkit persistence upx

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  fc7194217eefa41746e3d4155f8a5731_JaffaCakes118
- Size
  
  202KB
- MD5
  
  fc7194217eefa41746e3d4155f8a5731
- SHA1
  
  8e97a9ecd133308bf19483c61119865665dbf5a6
- SHA256
  
  e23f77f01db70121a7be6fb70c826294f468d89d0a857548fc57835d83fb5496
- SHA512
  
  1e36cdac625983c782126f2a29a1c6a9805f9472ec3175b55600e2247517b5e95ef8733bb3e4be81856fb70e470a6bc33404325d6e8187b0909634f0609a782b
- SSDEEP
  
  3072:21lgKarBjCfYJ2Gkwf+uthTGF/Pke0A9Xoi+eMHZV4WovThXcY7UmA:21mKx+dtE5PkuXohHZVFshMbD
Score

7^/10

bootkit persistence upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

bootkitpersistenceupx

behavioral2

bootkitpersistenceupx

© 2018-2024

Terms | Privacy